The craze brought about by Nintendo’s newest game, Pokémon GO, sent waves of people — young and old — into the world of these fictional and cute creatures. But with all the hype, scammers have taken advantage of this by releasing their own versions of the app — albeit a malicious one.
IT Security Services Australia warned users that fake Pokémon GO apps are circulating online. Stay Smart Online, an Australian government cybercrime organisation, states that malicious versions of the app have been released in the wild and are now visible on official app stores (i.e., Google’s Play Store and Apple’s App Store.) A similarly named app was also discovered on a known malware website which contains a Trojan virus, a software that installs itself on a device and steals user information.
Pokémon … NO?!
The app, aptly named Pokémon GO Ultimate, made rounds these past few days. While it may resemble the game’s overall look, it can deliberately lock the screen of the user’s device on startup. ESET, a known IT security firm, warns that simply rebooting your phone won’t alleviate the problem as the app covers itself over system windows. Although removing the batteries or using the Android Device Manager may work, it will still remain running in the background, clicking on malicious sites.
It has also been reported by security firm, Proofpoint, that they’ve also discovered a malicious version of the app that installs a malicious program, DroidJack, which silently opens a backdoor for hackers. In order for this malware to do its dirty work, users have to “side-load” the malicious app by disabling a core security setting that prevents installation of apps from unreliable sources.
Other two devious apps being released — Guide & Cheats for Pokémon GO and Install Pokemon Go — both categorised as adware and scareware respectively, meaning they trick users into paying unwanted services for the game like getting unlimited Pokeballs or Lucky Eggs. They also display illicit pop-up ads, telling you that your phone is infected with a virus.
Stay safe always!
While the aforementioned apps have been removed from Google Play Store, there are still other websites which offer these apps for download. Also, the reason why avid fans are tempted to download these rip-off apps is because the official app is still not available in some parts of the world.
People are advised to download only from legitimate sources or install antivirus software on their devices. If you’re unsure about the safety of the app you’ve downloaded, seek assistance from IT Support Australia or stick with more popular and tested apps from known sources.
However, if your hands are really itchy to try the most trending app in the world, check the reviews and developers’ comments first. If you think there’s something fishy, don’t touch it! You’ll get your chance at catching a Pokémon soon.