Security Central: “Pokémon Go” Malware Uses Cyber-Attack!, Hardfork Thwarts Digital Bank Robbers

Written by Allison Francis
July 22, 2016

This week in Security Central, The VAR Guy goes inside the not so “super effective” Pokémon Go malware, explores the largest bank robbery of the summer and examines how AT&T Threat Intellect is helping protect against and ward off cyber-attacks.

The phrase “Gotta catch ’em all!” has taken on a whole new meaning this past month. Millions of Pokémon enthusiasts have taken to the streets, office hallways, parking lots, even bathrooms with their phones to hunt down and catch the virtual monsters with the new massively popular game, Pokémon Go. According to a recent Forbes article, the app’s popularity has poised it to compete with, and perhaps even surpass Twitter in daily active users on Android devices. No small feat.

With the explosion of downloads number of users in the span of just a few weeks, it should come as no surprise that cybercriminals were not far behind. Preying on the widespread craze and intense demand for the app, malware creators didn’t waste any time writing malicious code designed to wreak havoc on users’ phones. Initial attempts didn’t amount to much, not even making it past the Google Play store gates. The most recent attempt, however, was successful and came in the form of fake Pokémon Go apps. The imposter apps housed malicious code that either duped users into paying for phony services or made it possible for attackers to take control of the users’ phones.

It doesn’t’ stop there. In other third-party Android app stores, there are a number of other nasty variations either designed look like the real Pokémon Go app or offering Pokémon Go player “help.” Security experts say that these false apps could unleash spyware or spam, and could potentially steal valuable and private information.

“When there are popular apps like this it’s not uncommon to see copycat and follow-on apps,” said a Google spokesman via The Wall Street Journal. “There’s a constant mix of manual and automated app reviews taking place, and when there are violations the Play team takes actions by either reaching out to developers to find a fix or pulling an app.”

Google, in its own quest to “catch them all” and has since rounded up and removed the fake apps from the Google Play Store and other areas, quelling hackers – at least for the moment.

In other news, you may remember our coverage last month of The Decentralized Autonomous Organization (DAO), which found itself the victim of a virtual heist and $53 million lighter last month after attackers breached the venture capital fund startup. The June attack was a substantial blow for the DAO, which, only weeks before the attack, had raised $150 million in the cryptocurrency Ether, making it one of the most significant crowdfunding campaigns in online history.

The cybercriminals, if you remember, weren’t exactly successful. When the DAO was hacked, it caused the funds to move, but they never left Ethereum’s network. Ethereum is the technology platform that supports Ether. Last week, those involved in the virtual currency project voted to implement and adopt a software change designed to help the blockchain regain its footing and stop the thieves from successfully claiming the stolen funds. The change, called a hardfork, will return most of the money to the original DAO investors

The hardfork may not be fool-proof – it’s possible that some of the over 10,000 DAO investors may not get all of their contributed funds back in their pockets. However, if successful, the hardfork could help Ethereum regain its footing in the market and move forward.

“I don’t believe the DAO episode will dissuade companies from developing around Ethereum because it is by far the most advanced public blockchain in terms of potential capabilities,” Gil Luria, an analyst at Wedbush Securities, said last week in a Bloomberg article. “I do believe the episode has pushed out the timeline for potential applications until there is more visibility into the possible fork, permanent governance and some period of stability.”

The potential for breaches is always present and defending against security risks and network threats is a never-ending task. Finding effective and air-tight ways to stave off the constant barrage of cyber-attacks and protect users is something organizations are constantly striving for.

One such organization is AT&T. The company recently announced AT&T Threat Intellect^SM, a security and analytics tool designed to detect, scrutinize and thwart security threats before they even have a chance to become a threat. Threat Intellect uses unique threat signature data streams, analytics and intelligence to help sniff out threats – known and unknown. The security intelligence platform will allow AT&T to respond to network threats 95 percent faster.

“No carrier experiences the depth and scale of security threats we see on a daily basis– more than 30 billion vulnerability scans and 400 million spam messages are detected on our IP network,” says Steve McGaw, chief marketing officer of AT&T Business Solutions. “The power of Threat Intellect gives us the ability to process 5 billion security events, a full day’s worth of activity for all of our security customers combined – in only 10 minutes.”

With the constantly changing threat landscape, Threat Intellect stands to show some serious chops in terms of spotting, examining and mitigating potential risks quicker than ever before. It’s a scary world out there, filled with all sorts of virtual and network “monsters.” With faster and more efficient detection and attack-blocking systems being implemented every day, it looks as if the world of security is indeed up for the battles ahead.