This is the obsession of the summer and the most popular game of the moment. It has bumped some of the most-used apps on its way to the top like Tinder, Twitter and Instagram. All over the world there are tons hooked on Pokémon Go, but unfortunately, this game is only available in a handful of countries.
The first wave of countries included the United States, Australia, Germany and the United Kingdom, and now it is available in Italy, Spain and Portugal. Fans who reside in other parts of the world are playing the game thanks to unofficial app downloads.
However, for those who want to become virtual creature trainers, they should very careful what they install. The unparalleled success of this app in addition to its limited availability make users of this game a prime market for cyber-criminals. Black hats have already created malicious versions that are distributed online. Hackers are loading a little more than just Pokémons on their victim’s devices.
The surge of these malware-loaded, Pokémon-related applications have been downloaded from both official and unofficial stores. Some of these dangerous apps have even been discovered on Google Play. To avoid falling into this trap, potential players should only download from official sources, and after, users should verify that the app is genuine. A legitimate app is developed by Niantic Labs and distributed by Nintendo. A piece of advice: If the app has a few hundreds or thousands of downloads, it is no good.
If the app has a few hundreds or thousands of downloads, it is not the official Nintendo app.
For those aware of these dangers and have an official app installed on their device, the biggest concern they should have is privacy. A problem emerged a few days after the app launched. The controversy was related to the permissions that the iOS version requires when you register with your Google account. This means that the program had total access to user accounts and had the ability to see everything on the user’s profile.
Nintendo said it was a programming error, but to some, this seems suspicious since the option to create an account on the Nintendo site was also disabled. Since then, the application has been corrected and now it can only access the basic details from Google accounts.
The controversial permissions on iOS devices were due to an error and have been corrected.
What is remains worrisome is that the actual game requires users to activate geolocation at all times; this means that company behind Pokémon knows where you are at all times. If we add this private information with advertisements or third party companies, the consequence could be a huge data breach. Keeping in mind the game’s popularity, imagining the amount of information that could be leaked from the game’s servers is alarming.
But beyond all of this and forgetting about IT security, the gravest danger is actually quite horrific and physical. We’ve seen everything: floods of people in the park launching themselves at the same Pokémon, users invading private properties and the landowners reacting with shots, players who go into caves to capture these creatures and are trapped inside, thieves that use the app to assault victims, people who play while driving… these incidents are innumerable.
If you would like to play Pokémon Go safely, the best advice you should follow is: use common sense. Look up from the screen every once and a while and remember, the real world has its dangers, no matter how often you escape to your virtual reality.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
3 comments
I totally agree, but i’m a kid so I won’t run into those problems. But I am a HUGE fan of Pokemon Go.