Pokémon Go spawns over 200 'PokéMalware' clones

Eight new malicious apps released every hour following Pokémon Go's UK launch

Pokmon Go has spawned more than 200 malicious impostors since its launch, researchers have discovered.

Over the first 24 hours of the game's UK launch, eight unofficial clones of the app were released every hour, according to security company RiskIQ.

Within 24 hours, the total number of unofficial apps was 215, released by 70 unique developers across 21 app stores.

These unofficial clones can be highly dangerous, however, as RiskIQ EMEA vice president Ben Harknett pointed out.

Advertisement
Advertisement - Article continues below

"Approximately half of these unofficial apps are requesting broad permissions from users, risking data exposure via mobile devices," he said.

Further examples of this 'PokMalware' were discovered lurking on the Google Play Store by cybersecurity firm ESET. 'Pokmon Go Ultimate' is an instance of lockscreen malware, which forces the user to reboot the device, before hiding in the background and clicking on porn ads.

"Pokemon Go Ultimate is the first observation on Google Play of lockscreen functionality being successfully used in a fake app," explained ESET malware researcher Luk tefanko.

"As its ultimate functionality is clicking on porn ads, it's not truly damaging. But as for its lockscreen functionality, it'd only take adding a ransom message to create the first lockscreen ransomware on Google Play," he added.

Other 'scareware' apps including "Guide & Cheats for Pokemon Go" and "Install Pokemongo" were also discovered. This malware tricks users into giving up their personal information and agreeing to receive virtually endless telemarketing - often at great cost to the user themselves - in exchange for in-game items.

The examples discovered by ESET were removed form the Google Play Store after being identified by the company, but tefanko warned that some users may still be at risk.

"Pokmon Go is such an appealing game that despite of all the warnings by security experts, users tend to accept the risks and download anything to catch all the Pokmon," he said.

"Those who really can't resist the temptation should at least follow the most basic security rules."

08/07/2016: Fake Pokemon Go app lets hackers access your smartphone

A malicious app masquerading as Pokemon Go could give hackers full access to victims' phones, security researchers have discovered.

Advertisement
Advertisement - Article continues below

Pokemon Go is an augmented reality smartphone game based on the popular Nintendo property, that lets users collect Pokemon based on their physical location.

Experts from Proofpoint discovered a Pokemon Go APK containing the DroidJack remote access kit on VirusTotal, a repository for malware and compromised apps.

Pokemon Go has reached the top of the App Store charts in the US, and has generated widespread attention. However, it is still unavailable in territories including Europe.

This has led some users to install a non-official version of the app, via a process known as 'side-loading'. This involves installing apps from sources other than the Google Play store, which can infect your phone with malware.

"Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable," the company wrote in a blog post.

"Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware."

Although Proofpoint has yet to observe the malicious version of the app in the wild, the company noted that it was still a significant discovery.

"It represents an important proof of concept, namely, that cybercriminals can take advantage of the popularity of applications like Pokemon Go to trick users into installing malware on their devices," Proofpoint said.

"Bottom line, just because you can get the latest software on your device does not mean that you should."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Recommended

Visit/malware/33080/hackers-abuse-linkedin-dms-to-plant-malware
malware

Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019
Visit/antivirus/28144/best-antivirus
antivirus

Best antivirus for Windows 10

3 Sep 2019
Visit/security/malware/28083/the-five-best-free-malware-removal-tools
Security

Best free malware removal tools 2019

8 Mar 2019

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019
Visit/business/business-strategy/354195/where-modernisation-and-sustainability-meet-a-tale-of-two
Sponsored

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019