Trojan presented itself as the Guide for Pokmon Go in the Google Play Store. The app contains a malicious piece of code that downloads rooting malware malware capable of gaining access to the core Android operating system. At least 6,000 successful infections, including in Russia, India and Indonesia, have been hit. Trojan has many layers of defense in place to help it bypass detection, including a commercial packer that decrypts the original executable file to make it harder to analyze. Kaspersky Lab products detect the Trojan as HEUR:Trojan.AndroidOS.”]
Source: https://securelist.com/rooting-pokemons-in-google-play-store/76081/