Categories: Security

Security Researchers Find 215 Fake Pokemon Go Apps And Issue Android Ransomware Warning

More than 200 mobile apps claiming to be genuine versions of Pokemon Go have been found lurking on mobile app stores, including the first ever fake lockscreen application for Android.

RisKIQ says 215 unofficial apps were spotted on more than 21 mobile app stores, growing at a rate of eight per hour over a 23 hour period, as scammers seek to capitalise on the popularity of the game, which is only available in a number of countries at present.

All these apps do is steal data by requesting permissions, subscribe users into paying for premium rate SMS services or attempt to click on advertising while running in the background.

Read More: What does Pokemon Go mean for IT departments?

Lockscreen

‘Pokemon Go Ultimate’ is the aforementioned lock screen app. If downloaded from Google Play, users will find no evidence of the app after installation and will instead see something called ‘PI Network’. If this is opened, the screen is locked deliberarely, forcing users to reboot.

“Unfortunately, in many cases a reboot is not available because the activity of the malicious app overlays all the other apps as well as system windows,” said ESET. “The user needs to restart the device either by pulling out the battery or using Android Device Manager. After reboot, it runs in the background hidden from the victim, silently clicking on porn ads online.”

The only way to remove the application is to go the Application Manager and uninstall it manually. However researchers are concerned that the methods used mean Android ransomware isn’t that far away.

“This is the first observation of lockscreen functionality being successfully used in a fake app that landed on Google Play,” said ESET. “It is important to note that from there it just takes one small step to add a ransom message and create the first lockscreen ransomware on Google Play.”

Loading ...

Pokemon Go fake apps

Other apps spotted include ‘Guide & Cheats for Pokemon Go’ and “Install Pokemongo’, both of which deliver ‘scareware’ adverts encouraging users to pay for expensive unnecessary services by claiming their phone is riddled with malware.

“The virus removal masquerade is only one example of the apps’ scareware techniques,” said ESET. “They can also download other applications, create surveys and display scam ads where the user has allegedly won prizes such as the new iPhone, Galaxy S7 Edge or even large amounts of money. The techniques deployed depend on the country where the user’s IP is being localized.”

ESET reported all three to Google which removed them from its marketplace. However it is thought Pokemongo could have been downloaded as many as 500,000 times before it was deleted.

Pokemon Go developer Niantic Labs has staggered the worldwide launch of the game so its servers can cope with demand. This has caused some to look for less than official ways to get their hands on the app – exposing themselves and companies to security risks.

EE said it had 350,000 Pokemon Go players on its network even before the app was released officially in the UK. That figure has now risen to 850,000, 24 hours after the launch.

Quiz: What do you know about video game technology?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Amazon Alexa Recovers After Morning Outage

Alexa wake up alarm didn't work this morning? Smart lights didn't turn on? Outage of…

3 days ago

UK, Australia Reach Cyber, Critical Tech Agreement

Australia says it will 'fight back' against nation state cyberattacks, after agreements with the UK…

3 days ago

Italian Regulator Recalculates Apple, Amazon Fines

Italian regulator admits it has redetermined the fines against Apple and Amazon, over the sale…

3 days ago

Red Cross ‘Appalled’ As Hackers Steal Humanitarian Data Of 515,000 People

A new low. International Committee of the Red Cross shuts down reunification system, after hackers…

4 days ago

Russia Proposes Ban On Cryptocurrencies, Crypto Mining

Russia's central bank has this week proposed the banning on the use and mining of…

4 days ago