Beware Of Malicious Apps Masquerading As Pokémon GO Offshoots

A much-needed PSA for all Pokémon GO enthusiasts.

 

In retrospect, it’s not all that unexpected. Of course people were going to try and cash in on the Pokémon GO phenomenon. It’s when it takes a nasty turn that we need to start being careful.

A malicious gaming app called Pokémon Go Ultimate- the first “lockscreen” app- recently made its way onto the Google Play store, says software security company ESET.

Pokémon Go Ultimate resembles the original game but its intentions are far less innocent: it deliberately locks the screen when it’s run. Many a time, a reboot- the go-to solution in case of a frozen screen- isn’t possible because the app overrides all others as well as the system options. Users must instead restart their devices by either removing and re-inserting the battery or using Android Device Manager. After reboot, the app runs unnoticed in the background, silently clicking on porn ads.

To get rid of the app, the user has to go to Settings →Application manager → PI Network and uninstall it manually.

“As its ultimate functionality is clicking on porn ads, it’s not truly damaging. But as for its lockscreen functionality, it’d only take adding a ransom message to create the first lockscreen ransomware on Google Play.” Said Lukáš Štefanko, an ESET Malware Researcher.

Apart from Pokémon GO Ultimate, ESET researchers also found other Pokémon GO-related malware on Google Play. Bogus apps called “Guide & Cheats for Pokémon Go” and “Install Pokémon Go” belong to the Scareware family- they lure victims into paying for bogus services by promising to generate items like Pokécoins, Pokéballs or Lucky Eggs.

The apps mentioned in this article were all spotted by ESET and have since been removed from Google Play. However, several Pokémon GO-related ‘Install’ apps remain.

“Pokémon GO is such an appealing game that despite of all the warnings by security experts, users tend to accept the risks and download anything to catch all the Pokémon,” says Štefanko.  “Those who really can’t resist the temptation should at least follow the most basic security rules.”

Image via BGR.in


TAGS: Pokemon GO, Fake Pokemon Go App