The rapid speed at which Pokémon Go became a global phenomenon made it inevitable that the wildly popular smartphone game would quickly catch the attention of hackers, too.
When Pokémon Go launched in July, it was only available in a few countries, a situation that prompted many of those desperate to try the game to turn to third-party download sites. But some of those Pokémon Go downloads had been injected with malware that allowed hackers to take control of the victim’s smartphone.
Now that most countries’ smartphone users have access to the genuine version of the game through mainstream mobile app stores, the malware-infected versions of Pokémon Go have faded away. Security researchers have, however, found a new problem: hacker-designed apps linked to the game.
Cybersecurity firm Kaspersky Lab has found at least one malware-infected Android app, called Guide for Pokémon Go (shown below), that it says has been downloaded more than half a million times.
Available until recently on the Google Play store, the free app, as its name suggests, explains the augmented-reality game to newcomers and offers tips and tricks on how to become a skilled trainer. But it also contains malware that enables a hacker to take control of the phone.
“Analysis reveals that the app contains a malicious piece of code that downloads rooting malware – malware capable of gaining access to the core Android operating system,” Kaspersky Labs’ Roman Unuchek wrote in a blog post on Wednesday, adding there had so far been “at least 6,000 successful infections.”
The researcher said that while most infections appear to have hit smartphone users in Russia, India, and Indonesia, the fact that the app is in English suggests others users around the world may also be affected.
According to Kaspersky Lab’s Kate Kochetkova, the malware doesn’t immediately activate, though when it does it’ll flood the phone with ads. But worse than that, it can also secretly install additional apps.
“For now, criminals have chosen a relatively mild way to earn money: ads,” Kochetkova said. “Tomorrow, they may decide to increase their income by locking your device and demanding ransom – or stealing money from your bank account.”
For anyone who has the Guide to Pokémon Go app (there are others with the same name but this one is made by an outfit calling itself “Markersel”), Kaspersky Lab suggests immediately deleting it and then running free scanning software to confirm if your device has been infected.
