Hackers have been exploiting the global excitement and staggered release of Pokemon GO for iOS and Android by bundling versions of the game with malware for download from third-party sites.
The initial download allows installation of a remote access tool (RAT) known as DroidJack/SandroRAT. If that’s installed, hackers gain full control of your phone.
Proofpoint Security says there’s no evidence of it in the wild, but it was found in a malicious file repository less than three days after the game’s release in Australia and New Zealand.
If you’re going to install any file from a third-party and side-load it onto your phone or tablet, make sure you trust where it’s coming from first.