image

CNBC

The Pokemon Go frenzy could benefit cybercriminals

Cybercriminals can actually repackage the Pokemon Go app for Android, and turn it into malware, warn experts

PUBLISHED : Thursday, 14 July, 2016, 1:40pm
UPDATED : Friday, 15 July, 2016, 10:01am

The release of Pokemon Go has sparked a frenzy among players and prompted a raft of warnings from US lawmakers eager to prevent fans from putting their lives in danger. But the fevered anticipation of the game has also created opportunities for attackers, a cybersecurity software firm said.

"The vulnerability from Pokemon Go is due to the fact that Nintendo didn't have a global release of the game," said Michael Petit, Africa, Middle East and Asia head of mobility at Check Point Software Technologies.

The mobile gaming app first rolled out in the US, Australia and New Zealand in the first week of July, becoming an instant smash hit and rocketing up the most-downloaded lists on app stores. It was released in Germany on Wednesday.

Given the limited release, some eager users might be tempted to download the game from unverified third-party app stores, which could expose them to downloading malicious apps that may be used to steal sensitive information or spy on the user, Petit explained.

Cybercriminals can actually repackage the Pokemon Go app for Android, and turn it into malware, explained a Check Point Wednesday blog post.

Petit said these malicious apps have remote access tools, which allow attackers to take control of the unsuspecting user's smartphone.

Pokemon Go game developer Niantic Labs did not immediately respond to requests for a comment.

The best advice for those keen on playing Pokemon Go outside the countries it has been released in? Just be patient, it's arriving in "a few days," Petit added.

The Wall Street Journal reported that people familiar with plans for the game said Pokemon Go will launch in Europe and in Asia "within a few days" but there were no official comments on the launch timeframe.

The augmented reality mobile game has been installed more than 15 million times on the App Store and Google Play, and user engagement is very strong compared to other of iOS's most popular apps, according to statistics from app analytics company Sensor Tower.

On July 11, Sensor Tower reported that the average iPhone user in the US spent 33 minutes on Pokemon Go, which was ten minutes more than the time spent on the Facebook mobile app.

Despite its popularity, Pokemon Go has also attracted controversy .

In Missouri, four people were charged with armed robbery after targeting their victims through Pokemon Go, while in Oregon, a man was stabbed by a passerby in the street as the victim walked while playing Pokemon Go on his phone.

Police officials in the US, Australia and New Zealand have issued warnings to players about the potential accidents that could occur if they weren't careful while playing the game.

Last week, it was discovered that a software bug led to iPhone users granting the Pokemon Go app full-access permission for the user's Google account, without the user knowing.