Pokémon Go spawns over 200 'PokéMalware' clones

Eight new malicious apps released every hour following Pokémon Go's UK launch

Pokmon Go has spawned more than 200 malicious impostors since its launch, researchers have discovered.

Over the first 24 hours of the game's UK launch, eight unofficial clones of the app were released every hour, according to security company RiskIQ.

Within 24 hours, the total number of unofficial apps was 215, released by 70 unique developers across 21 app stores.

Advertisement - Article continues below

These unofficial clones can be highly dangerous, however, as RiskIQ EMEA vice president Ben Harknett pointed out.

"Approximately half of these unofficial apps are requesting broad permissions from users, risking data exposure via mobile devices," he said.

Further examples of this 'PokMalware' were discovered lurking on the Google Play Store by cybersecurity firm ESET. 'Pokmon Go Ultimate' is an instance of lockscreen malware, which forces the user to reboot the device, before hiding in the background and clicking on porn ads.

"Pokemon Go Ultimate is the first observation on Google Play of lockscreen functionality being successfully used in a fake app," explained ESET malware researcher Luk tefanko.

"As its ultimate functionality is clicking on porn ads, it's not truly damaging. But as for its lockscreen functionality, it'd only take adding a ransom message to create the first lockscreen ransomware on Google Play," he added.

Advertisement - Article continues below

Other 'scareware' apps including "Guide & Cheats for Pokemon Go" and "Install Pokemongo" were also discovered. This malware tricks users into giving up their personal information and agreeing to receive virtually endless telemarketing - often at great cost to the user themselves - in exchange for in-game items.

Advertisement - Article continues below

The examples discovered by ESET were removed form the Google Play Store after being identified by the company, but tefanko warned that some users may still be at risk.

"Pokmon Go is such an appealing game that despite of all the warnings by security experts, users tend to accept the risks and download anything to catch all the Pokmon," he said.

"Those who really can't resist the temptation should at least follow the most basic security rules."

08/07/2016: Fake Pokemon Go app lets hackers access your smartphone

A malicious app masquerading as Pokemon Go could give hackers full access to victims' phones, security researchers have discovered.

Pokemon Go is an augmented reality smartphone game based on the popular Nintendo property, that lets users collect Pokemon based on their physical location.

Experts from Proofpoint discovered a Pokemon Go APK containing the DroidJack remote access kit on VirusTotal, a repository for malware and compromised apps.

Advertisement - Article continues below

Pokemon Go has reached the top of the App Store charts in the US, and has generated widespread attention. However, it is still unavailable in territories including Europe.

This has led some users to install a non-official version of the app, via a process known as 'side-loading'. This involves installing apps from sources other than the Google Play store, which can infect your phone with malware.

"Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable," the company wrote in a blog post.

"Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware."

Although Proofpoint has yet to observe the malicious version of the app in the wild, the company noted that it was still a significant discovery.

Advertisement - Article continues below

"It represents an important proof of concept, namely, that cybercriminals can take advantage of the popularity of applications like Pokemon Go to trick users into installing malware on their devices," Proofpoint said.

"Bottom line, just because you can get the latest software on your device does not mean that you should."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now



Evasive malware threats doubled in 2019

24 Mar 2020

Best free malware removal tools 2019

2 Mar 2020

Best antivirus for Windows 10

3 Sep 2019

Most Popular

Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020