We already covered Pokemon Go and the fact that it has taken over the internet and the real world in a crazy way. But as is often the case, the game is losing a bit of its shine as security concerns flood the web. Should you be worried?
Third Party Pokemon Go Scammer Apps
The first concern is third party apps that look like the game, but aren’t. These are scammer applications that have infiltrating app stores since it became such a success. They will look similar, or identical, to Pokemon Go. But when used they will either transmit information, or in the case of one, drive porn clicks on alternate sites.
That particular app is Pokemon Go Ultimate. It works by opening up on the Pokemon Go logo, then freezing the phone. Once the user forces a restart of the device, it loads up the PI Network app, a malicious piece of malware. While it will not show as an icon, it will run in the background and drive clicks online to various porn ads. This drives revenue for the scammer who developed the app.
Mostly this has been a problem for users outside of the US who knew it wasn’t the official game. Believing it to be a knockoff, they downloaded it to get a taste of the app that so far hasn’t launched internationally.
If you downloaded one of these apps, you will have to manually remove it through the app settings of your device.
Google Access concerns
Another worry people have had is Google access settings. When Pokemon Go was first launched, it allowed users to connect through their Google account.
Due to some poor design in the permissions when uploaded to the iTunes store, using your Google account allowed them to essentially take over that account. Privacy researcher Adam Reeve posted a blog post about the issue, and the developers quickly fixed it. That hasn’t stopped people frothing at the mouth about it, but the hype does seem to be slowly cooling.
While it is no longer a problem with Pokemon Go, it does serve as a warning. You should always be looking at the fine print when connecting accounts.
It also points out an interesting double standard about security. Many apps, especially free ones, will run in the background at all times. Many will transmit data from your phone. Some even act as essentially malware, using loopholes to get away with the definition. Where is the outrage for those?