New fake Pokémon Go app bombards you with porn ads

15 Jul 20167 Shares

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

Share on FacebookTweet about this on TwitterShare on LinkedInShare on Google+Pin on PinterestShare on RedditEmail this to someone

In the latest attempt to take advantage of countries where Pokémon Go is not available, an APK claiming to be the in-demand game secretly targets your phone with porn ads.

If you haven’t already enabled the new Chrome browser app that blocks all references to Pokémon Go, then you’re probably quite familiar with the game that is now one of the most downloaded apps ever, and has a higher average daily use than Facebook and WhatsApp.

However, only a limited number of countries actually have access to the game, and more and more people across the world have decided they can’t wait any longer.

Not just APKs anymore

Pokémon Go APKs – which give you access to a mirrored copy of the game – can be downloaded from multiple online sources, but already a number of security issues have arisen from this practice.

Just the other day, the security firm Proofpoint highlighted one APK found online that, when downloaded on to a person’s phone, would give a hacker a back door into the device and free rein to do what they want with your information.

Now, ESET has revealed an even more worrying fake that isn’t an APK, but an app found on the official Google Play Store called ‘Pokemon Go Ultimate’. (Note the absence of the accented E – a giveaway for fakes.)

Once downloaded, the app deliberately locks the person’s screen immediately after it’s booted up, forcing the user to restart the device.

This is difficult, however, given that it’s designed to make this impossible without taking out the phone’s battery or accessing the (usually hidden) Android Device Manager menu.

Pokémon Go fake apps

Two of the fake apps now removed from the Google Play Store. Image via ESET

No easy fix

Even after this, the problems don’t stop. While your phone appears like it’s back to normal, malware continues to run in the background, clicking on porn ads.

During testing, ESET found that once this fake Pokemon Go Ultimate app has been installed, its name doesn’t appear anywhere on the phone. Rather, it shows up as an app called ‘PI Network’, with an entirely different icon.

The discovery of this app on the Google Play Store has further ramifications for Android users, let alone Pokémon Go players, as ESET said this app is the first observation of lockscreen functionality that’s successfully landed on Google Play.

“It is important to note that from there it just takes one small step to add a ransom message and create the first lockscreen ransomware on Google Play,” ESET said.

Pokémon Go ESET

The scareware found after installation of the fake apps. Image via ESET

Over 50,000 duped

Other fake apps discovered on Google Play called ‘Guide & Cheats for Pokemon Go’ and ‘Install Pokemongo’ that contain ‘scareware’  ads, built to scare users into downloading unnecessary services or fake in-app purchases.

All three apps have now been removed from Google Play but, in the short amount of time they were online, up to 50,000 Android users were duped into downloading Install Pokemongo alone.

Security firms continue to advise people in countries where the game is not available to download to simply be patient and avoid clearly counterfeit copies.

Pokémon zombies image via Canadapanda/Shutterstock

66

DAYS

4

HOURS

26

MINUTES

Get your early bird tickets now!

Colm Gorey is a journalist with Siliconrepublic.com

editorial@siliconrepublic.com