The success of the Pokémon Go app could be putting millions at risk of hackers and other criminals, security experts have warned.
Less than one week after launch, Pokémon Go has proved extremely popular around the world. According to data from SimilarWeb, the app has surpassed the dating app Tinder in terms of U.S. downloads on Android smartphones.
The game—which uses a device's location to allow players to find and capture Pokémon characters in various places—has only officially launched in the U.S., Australia and New Zealand, however workarounds are available to allow users to install it in other countries.
"Had Pokémon Go been released globally (since people everywhere are playing it), no one would have felt the need to visit third party sites," Tyler Reguly, manager of software development at Tripwire, told Newsweek . "The websites hosting this content are often plagued by drive-by attacks and malware, incorporating this into the actual download is a logical expansion."
Reguly suggests that Pokémon Go's popularity is such that many people would knowingly install malware in order to get hold of the game, rather than wait for an official release.
Some rogue versions of the app may contain malware that allows criminals to take full control of an Android smartphone through a security backdoor called DroidJack, other experts have warned.
"DroidJack gives attackers complete access to mobile devices, including user text messaging, GPS data, phone calls, camera—and any business network resources the access," says Kevin Epstein, a vice president at network security firm Proofpoint.
"Even though this malicious app has not been observed in the wild, it represents an important proof of concept: namely that cybercriminals can take advantage of the popularity of applications like Pokémon Go to trick users into installing malware on their device."
The app's success has also caught the attention of real-world criminals, with police in Missouri warning that armed robbers were targeting punters hunting for Pokémon. According to police, criminals are lying in wait in certain locations popular in the game for offering bonuses.
"It is believed these suspects targeted their victims through the Pokémon Go smartphone application," a post on the police force's Facebook page alerted the public.
"If you use this app (or other similar type apps) or have children that do we ask you to please use caution when alerting strangers of your future location."
Uncommon Knowledge
Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.
Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.
About the writer
Anthony Cuthbertson is a staff writer at Newsweek, based in London.
Anthony's awards include Digital Writer of the Year (Online ... Read more
To read how Newsweek uses AI as a newsroom tool, Click here.