After ESET found a first-ever fake lockscreen.app on Google Play, it seems that amateur Pokemon trainers might fill their packs more quickly if they abandoned their search for rare Pokemon and sought vulnerabilities and malicious apps for Pokemon Go instead.
The latest find, an app dubbed Pokemon GO Ultimate, “deliberately locks the screen right after the app is started, forcing the user to restart the device,” according to a WeLiveSecurity post.
After a user installs the app, an icon for an app named “Pi Network” appears which, once run by the victim, freezes and forces a restart.
“Unfortunately, in many cases a reboot is not available because the activity of the malicious app overlays all the other apps as well as system windows,” wrote Lukas Stefanko, a malware researcher at ESET.
Instead, a victim would have to restart the device by taking out the battery or by using Android Device Manager, Stefanko explained. Once the device is rebooted, it runs in the background where the victim is unaware it is clicking on online porn ads.
Threat actors are getting a lot of traction from Pokemon Go's limited release – it's only available in the U.S., U.K., Australia, Germany and New Zealand – and the ramped-up desire by users worldwide who want to download the app. Hacking group OurMine on Sunday hacked the Twitter account of John Hanke, the founder and CEO of Niantic, the software development company that developed Pokémon Go, reportedly because the game is not yet available in Brazil, according to a post on Kotaku.
Like Pokemon, malicious apps are springing up all over the place. ESET researchers also came across two other fake apps on Google Play: “Guide & Cheats for Pokemon Go” and “Install Pokemongo.”
