A fake ‘Pokémon Go’ app tricked half a million players into downloading malware

The rapid speed at whichPokémon Gobecame a global phenomenonmade it inevitable that the wildly popular smartphone game would quicklycatch the attention of hackers, too.

WhenPokémon Golaunched in July, it was only available in a few countries, a situation that prompted many of those desperate to try the game to turn to third-party download sites. But some of thosePokémon Godownloads had been injected with malware that allowed hackers to take control of the victim’s smartphone.

Now that most countries’ smartphone users have access to the genuine version of the game through mainstream mobile app stores, the malware-infected versions ofPokémon Gohave faded away. Security researchers have, however, found a new problem: hacker-designed appslinkedto the game.

Cybersecurity firm Kaspersky Lab has found at least one malware-infected Android app, calledGuide forPokémon Go(shown below), that it says has been downloaded more than half a million times.

Available until recently on the Google Play store, the free app, as its name suggests, explains the augmented-reality game to newcomers and offers tips and tricks on how to become a skilled trainer. But it also contains malware that enables a hacker to take control of the phone.

“Analysis reveals that the app contains a malicious piece of code that downloads rooting malware – malware capable of gaining access to the core Android operating system,” Kaspersky Labs’ Roman Unuchekwrotein a blog post on Wednesday, adding there had so far been “at least 6,000 successful infections.”

The researcher said that while most infections appear to have hit smartphone users in Russia, India, and Indonesia, the fact that the app is in English suggests others users around the world may also be affected.

According to Kaspersky Lab’s Kate Kochetkova, the malware doesn’t immediately activate, though when it does it’ll flood the phone with ads. But worse than that, it can also secretly install additional apps.

“For now, criminals have chosen a relatively mild way to earn money: ads,” Kochetkovasaid. “Tomorrow, they may decide to increase their income by locking your device and demanding ransom – or stealing money from your bank account.”

For anyone who has theGuide to Pokémon Goapp (there are others with the same name but this one is made by an outfit calling itself “Markersel”), Kaspersky Lab suggests immediately deleting it and then running freescanning softwareto confirm if your device has been infected.