Pokémon Go spawns over 200 'PokéMalware' clones

Eight new malicious apps released every hour following Pokémon Go's UK launch

Pokmon Go has spawned more than 200 malicious impostors since its launch, researchers have discovered.

Over the first 24 hours of the game's UK launch, eight unofficial clones of the app were released every hour, according to security company RiskIQ.

Within 24 hours, the total number of unofficial apps was 215, released by 70 unique developers across 21 app stores.

Advertisement - Article continues below

These unofficial clones can be highly dangerous, however, as RiskIQ EMEA vice president Ben Harknett pointed out.

"Approximately half of these unofficial apps are requesting broad permissions from users, risking data exposure via mobile devices," he said.

Further examples of this 'PokMalware' were discovered lurking on the Google Play Store by cybersecurity firm ESET. 'Pokmon Go Ultimate' is an instance of lockscreen malware, which forces the user to reboot the device, before hiding in the background and clicking on porn ads.

"Pokemon Go Ultimate is the first observation on Google Play of lockscreen functionality being successfully used in a fake app," explained ESET malware researcher Luk tefanko.

"As its ultimate functionality is clicking on porn ads, it's not truly damaging. But as for its lockscreen functionality, it'd only take adding a ransom message to create the first lockscreen ransomware on Google Play," he added.

Advertisement - Article continues below

Other 'scareware' apps including "Guide & Cheats for Pokemon Go" and "Install Pokemongo" were also discovered. This malware tricks users into giving up their personal information and agreeing to receive virtually endless telemarketing - often at great cost to the user themselves - in exchange for in-game items.

Advertisement - Article continues below

The examples discovered by ESET were removed form the Google Play Store after being identified by the company, but tefanko warned that some users may still be at risk.

"Pokmon Go is such an appealing game that despite of all the warnings by security experts, users tend to accept the risks and download anything to catch all the Pokmon," he said.

"Those who really can't resist the temptation should at least follow the most basic security rules."

08/07/2016: Fake Pokemon Go app lets hackers access your smartphone

A malicious app masquerading as Pokemon Go could give hackers full access to victims' phones, security researchers have discovered.

Pokemon Go is an augmented reality smartphone game based on the popular Nintendo property, that lets users collect Pokemon based on their physical location.

Experts from Proofpoint discovered a Pokemon Go APK containing the DroidJack remote access kit on VirusTotal, a repository for malware and compromised apps.

Advertisement - Article continues below

Pokemon Go has reached the top of the App Store charts in the US, and has generated widespread attention. However, it is still unavailable in territories including Europe.

This has led some users to install a non-official version of the app, via a process known as 'side-loading'. This involves installing apps from sources other than the Google Play store, which can infect your phone with malware.

"Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable," the company wrote in a blog post.

"Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware."

Although Proofpoint has yet to observe the malicious version of the app in the wild, the company noted that it was still a significant discovery.

Advertisement - Article continues below

"It represents an important proof of concept, namely, that cybercriminals can take advantage of the popularity of applications like Pokemon Go to trick users into installing malware on their devices," Proofpoint said.

"Bottom line, just because you can get the latest software on your device does not mean that you should."

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now



Best antivirus for Windows 10

30 Jun 2020

Searching for a new job? That LinkedIn job offer may be fake

19 Jun 2020

Evasive malware threats doubled in 2019

24 Mar 2020

Best free malware removal tools 2019

2 Mar 2020

Most Popular


How to find RAM speed, size and type

24 Jun 2020

Microsoft releases urgent patch for high-risk Windows 10 flaws

1 Jul 2020
data protection

EU institutions told to avoid Microsoft software after licence spat

3 Jul 2020