Backdoor in Pokemon Go – Daily Security Byte EP. 287

To keep Friday’s story fun, I covered an incident that involves both gaming and infosec. Attackers have already created a malicious version of the popular Pokemon Go app. If you’re an Android user trying to download Pokemon Go from non-official sources, this story is no joke. Watch below to learn more.

(Episode Runtime: 3:16

Direct YouTube Link:


— Corey Nachreiner, CISSP (@SecAdept)

About Corey Nachreiner

Corey Nachreiner has been with WatchGuard since 1999 and has since written more than a thousand concise security alerts and easily-understood educational articles for WatchGuard users. His security training videos have generated hundreds of letters of praise from thankful customers and accumulated more than 100,000 views on YouTube and Google Video. A Certified Information Systems Security Professional (CISSP), Corey speaks internationally and is often quoted by other online sources, including C|NET, eWeek, and Slashdot. Corey enjoys "modding" any technical gizmo he can get his hands on, and considers himself a hacker in the old sense of the word.

2 Responses to “Backdoor in Pokemon Go – Daily Security Byte EP. 287”

  1. Why do you keep saying “non official sources” for Android? Nobody checks what goes into google play – you can publish whatever you want.

    • Chris,

      That is not exactly right, IMHO, but I do get your point. I do agree that Google Play does get infected apps too, so it is not perfect. However, quite awhile back Google instituted something called “Google Bouncer”
      (More here: This mechanism is supposed to automatically check Google Play submitted apps for maliciousness. So Google does have an app vetting process that is supposed to try and keep the malware out.

      That said, there have been many cases of malicious apps getting past this, and security research on how to evade bouncer. Nonetheless, I do think you are still much safer with Google Play apps, than some APK downloaded from a third-party forum or something.

      BTW, thanks for the comment.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: