A malicious gaming app called Pokemon Go Ultimate, the first “lockscreen” app has made its way onto the Google Play store, said software security company ESET.
The app when downloaded and run is not installed as Pokemon Go but as “PI Network”, a report published in the Fortune said.
Anyone who ran that app would find their phone completely frozen, forcing them to restart the phone by removing the battery. After rebooting, the PI Network app seemed to disappear, but in fact continued running in the background and generating fake ad clicks, stated Fortune.
The Pokemon Go gaming app uses the Global Positioning System (GPS) capabilities of the device in conjunction with Google Maps to place virtual creatures in real world locations, which one then tries to find using your device as a guide.
Once in proximity to the placed creature, one then needs to use device’s camera to view the creature and try to capture it.
ESET also spotted several other malicious apps, including Install Pokemongo and Guide & Cheats for Pokemon Go.
The plague of malicious tricks surrounding the augmented-reality game highlights the security risk posed by Android’s relatively open app ecosystem.
Though the specific apps highlighted by ESET seem to have been removed from Google Play Store, a search found several apps named with variations on Install Pokemon Go.
The app, however, has been pulled off from Google Play, ESET reported. One can uninstall the app manually by going to their phone’s application manager.
The Pokemon Go is available on Google Playstore and Apple’s App Store in the US, Japan and Australia, Philippines, New Zealand, Britain and Germany and is coming soon to India, Singapore, Taiwan and Indonesia.