Trojan targets half a million Pokémon Go fans

Kaspersky Lab warns that thousands of Pokémon Go fans have been infected by malicious app

Half a million Pokmon Go fans could be at risk from a trojan that targeted players with a fake game guide.

The success of Pokmon Go has made it a target for hackers, who are taking advantage of the craze to target unwitting players, said Kaspersky Lab.

A "Guide for Pokmon Go" loaded with malware and listed on the official Google Play store has been downloaded 500,000 times and infected at least 6,000 phones, with the hidden malware able to seize root access on Android handsets. 

Google removed the app from its store after Kaspersky Lab notified it. 

Advertisement - Article continues below
Advertisement - Article continues below

The malware is clever enough to be patient to avoid detection, with the trojan waiting for just the right time to run, and checking if the target is worth its while or if it's trapped in a sandbox and the attack is already thwarted. Once installed, it installs other apps and displays ads.

So far, there have been only 6,000 successful infections, in Russia, India and Indonesia, but as it's targeted to English speakers, Kaspersky believes there may be victims around the world. 

"Victims of this trojan may, at least at first, not even notice the increase in annoying and disruptive advertising, but the long term implications of infection could be far more sinister,"  said Roman Unuchek, senior malware analyst at Kaspersky Lab.

"If you've been hit, then someone else is inside your phone and has control over the OS and everything you do and store on it. Even though the app has now been removed from the store, there's up to half a million people out there vulnerable to infection and we hope this announcement will alert them to the need to take action."

The security firm advised anyone infected to backup their data and reset their device.

Other security experts said the attack was to be expected because of the attention the game has seen. "There's no surprise that an app as popular as Pokmon Go has spawned associated malware," said Tim Erlin, director at security firm Tripwire. "Anytime we see a large event or significant trend in technology, cybercriminals do their best to take advantage of it."

Advertisement - Article continues below

"Consumers should protect themselves by avoiding third-party app stores that don't offer the same protections around available apps," Erlin added. "Even within the well-protected app stores caution is well advised. Maybe don't be the first, or even the hundredth, person to download that app."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019

Best free malware removal tools 2019

23 Dec 2019
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
General Data Protection Regulation (GDPR)

Data protection fines hit £100m during first 18 months of GDPR

20 Jan 2020