Pokémon Go spawns over 200 'PokéMalware' clones

Eight new malicious apps released every hour following Pokémon Go's UK launch

Pokmon Go has spawned more than 200 malicious impostors since its launch, researchers have discovered.

Over the first 24 hours of the game's UK launch, eight unofficial clones of the app were released every hour, according to security company RiskIQ.

Within 24 hours, the total number of unofficial apps was 215, released by 70 unique developers across 21 app stores.

These unofficial clones can be highly dangerous, however, as RiskIQ EMEA vice president Ben Harknett pointed out.

Advertisement - Article continues below
Advertisement - Article continues below

"Approximately half of these unofficial apps are requesting broad permissions from users, risking data exposure via mobile devices," he said.

Further examples of this 'PokMalware' were discovered lurking on the Google Play Store by cybersecurity firm ESET. 'Pokmon Go Ultimate' is an instance of lockscreen malware, which forces the user to reboot the device, before hiding in the background and clicking on porn ads.

"Pokemon Go Ultimate is the first observation on Google Play of lockscreen functionality being successfully used in a fake app," explained ESET malware researcher Luk tefanko.

"As its ultimate functionality is clicking on porn ads, it's not truly damaging. But as for its lockscreen functionality, it'd only take adding a ransom message to create the first lockscreen ransomware on Google Play," he added.

Other 'scareware' apps including "Guide & Cheats for Pokemon Go" and "Install Pokemongo" were also discovered. This malware tricks users into giving up their personal information and agreeing to receive virtually endless telemarketing - often at great cost to the user themselves - in exchange for in-game items.

The examples discovered by ESET were removed form the Google Play Store after being identified by the company, but tefanko warned that some users may still be at risk.

Advertisement - Article continues below

"Pokmon Go is such an appealing game that despite of all the warnings by security experts, users tend to accept the risks and download anything to catch all the Pokmon," he said.

"Those who really can't resist the temptation should at least follow the most basic security rules."

08/07/2016: Fake Pokemon Go app lets hackers access your smartphone

A malicious app masquerading as Pokemon Go could give hackers full access to victims' phones, security researchers have discovered.

Advertisement - Article continues below

Pokemon Go is an augmented reality smartphone game based on the popular Nintendo property, that lets users collect Pokemon based on their physical location.

Experts from Proofpoint discovered a Pokemon Go APK containing the DroidJack remote access kit on VirusTotal, a repository for malware and compromised apps.

Advertisement - Article continues below

Pokemon Go has reached the top of the App Store charts in the US, and has generated widespread attention. However, it is still unavailable in territories including Europe.

This has led some users to install a non-official version of the app, via a process known as 'side-loading'. This involves installing apps from sources other than the Google Play store, which can infect your phone with malware.

"Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable," the company wrote in a blog post.

"Official and enterprise app stores have procedures and algorithms for vetting the security of mobile applications, while side-loading apps from other, often questionable sources, exposes users and their mobile devices to a variety of malware."

Although Proofpoint has yet to observe the malicious version of the app in the wild, the company noted that it was still a significant discovery.

"It represents an important proof of concept, namely, that cybercriminals can take advantage of the popularity of applications like Pokemon Go to trick users into installing malware on their devices," Proofpoint said.

Advertisement - Article continues below

"Bottom line, just because you can get the latest software on your device does not mean that you should."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019

Best free malware removal tools 2019

23 Dec 2019

Best antivirus for Windows 10

3 Sep 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020

Windows 10 and the tools for agile working

20 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020