Unlucky Pokemon Go enthusiasts may have accidentally caught something very different indeed, with reports that some android phones are being infected by a malicious version of the game.
The world has gone Pokemon mad once again with the release of Pokemon GO.
The delay of release in some countries, however, caused by an overload on the servers at initial release, has left some Pokemon enthusiasts looking for alternative methods to acquire their own Pikachu.
But is your version infected?
How are people getting it?
Eager Pokemon trainers who aren’t prepared to wait until Nintendo officially release the game have been acquiring the game from unofficial sources in the form of .apk files, Science Alert reports.
Similar to the method used by applications such as Showbox, they are downloaded from websites and installed manually.
This is how installing the app would look if it were legitimate:
This is how it might look when it’s compromised:
What’s the issue?
The major problem with this method of acquisition, is that it leaves the user’s devices vulnerable to malicious software that could steal information or allow direct access to your device through a ‘backdoor‘.
Most people like to keep their phones as secure as possible as many of us have bank details and other sensitive information stored on our devices.
Within the first 72 hours of release in Australia and New Zealand, the game had been cracked and redistributed with the malicious software contained.
Proofpoint reported in a blog post:
Likely due to the fact that the game had not been officially released globally at the same time, many gamers wishing to access the game before it was released in their region resorted to downloading the APK from third parties.
Is it all third party sites?
The likelihood of every link containing the .apk file will have malicious software in it is slim, but it’s in no way either recommended or encouraged by Google or Nintendo.
So, basically, be careful out there. It’s not just angry Gyarados attacks you need to be wary of!