This fake Pokemon Go game will secretly drive porn ad clicks

The app will freeze the phone with a screen lock of a Pokemon Go image

A newly discovered fake Pokemon Go game will actually lock your phone and then secretly run in the background, clicking on porn ads.

Security firm ESET found it on Google Play and its called Pokemon Go Ultimate. However, once downloaded, the app itself doesn’t even pretend to offer anything remotely like the hit game.

Instead, it simply appears as an app called “PI Network.” Once it runs, the app will then freeze the phone with a screen lock of a Pokemon Go image, forcing the user to restart the device, ESET said on a blog post on Friday.

Following a restart, the PI Network icon will disappear from the phone, but the malicious app is actually still running in the background. It will then go online, secretly clicking on porn ads to generate revenue for the app's developers.

Fortunately, users can easily delete it, by going into app section of the phone’s settings, and manually uninstalling.

Google Play has also removed the Pokemon Go Ultimate app. ESET said the fake game was only available for a short time and generated between 500 and 1,000 downloads.

Some users, however, may still be tempted to download knock-offs of Pokemon Go. That’s because, outside of the U.S., the official game isn’t available in many parts of the world.

This week, it launched in five European countries, including the U.K., Germany, and Italy, but there’s still no word on when it might arrive Asia.

Security experts have warned that fake versions of the game could contain malware. In addition, shady developers have been trying to take advantage of the Pokemon Go craze, by coming out with unofficial apps that offer cheats, tips, and music from the game.

However, these products are also hungry for personal data and can collect sensitive information from users’ phones including contact lists and login info to social media accounts. RiskIQ, a firm that tracks mobile malware, has detected dozens of these questionable apps.

On Friday, ESET also warned that these unofficial Pokemon Go apps could also contain scareware. It found two other apps that when installed will display fraudulent pop-up ads that will claim the user’s phone is infected with a virus.

“Of course, the app promises to clean up the device, which could cause the user to unwillingly send a subscription SMS to bogus – yet expensive – services,” ESET said.

The two apps, “Guide and Cheats for Pokemon Go” and “Install Pokemongo,” have both been removed from Google Play.

Join the CSO newsletter!

Error: Please check your email address.

Tags gamesmalware

More about ESETGoogle

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Michael Kan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place