Pokemon GO has proven itself more popular than a lot of people expected.

Despite people coming together at PokeStops to battle and a huge online community of people exchanging hilarious shots of their Pokemon in weird places, there's always going to be a spot of darkness where there's light.

Recently new information surfaced that shows the risk Android users face when side loading third party files.

Though the ones advertised by the likes of Pocket Gamer, Kotaku and Eurogamer seem to be legitimate, there are other non-tested versions that appear identical. These are the ones you've got to watch out for.

Below is the start screen from an infected Pokemon GO APK file. It looks identical to the legitimate version.


The malware is a remote-exploitive Trojan horse for Android called DroidJack.

When installed it opens a back door on the infected device and steals information. It's nothing for eager beavers to start panicking about but it's definitely something to be aware of.

As we've shown below, this malicious exploit looks identical but there are some definite warning signs.

From these images shown above, and in Proofpoint's article, you can see that on the left is Pokemon GO's granted permissions from a legitimate APK, whilst on the right are the permissions from a back-doored Pokemon GO APK.

Anything in an app's granted permissions about editing, reading, making calls or changing anything from your personal phone should throw up a red flag immediately as it's a massive invasion of your privacy.

With people growing restless and eager to join the Pokemon GO craze, it's an unfortunate side effect that there will always be someone out there determined to take advantage of others.

So be safe, be sensible and be vigilant, Android users. Don't do something on a whim that'll come back to bite you in the butt.