Experts warn gamers against downloading malicious Pokemon Go APK file

11 Jul 2016

The augmented reality-based game,Pokemon Go, which was launched last week, for iPhones and Android smartphones allows users to pursue their dreams of becoming a Pokemon master. The game features fictional creatures called "Pokémon", which humans known as Pokémon Trainers catch and train to battle each other for sport.

The game has been developed by software firm Niantic Labs, the maker another augmented reality game Ingress. The game taps into the smartphone's camera to reveal Pokemon turning up in the real world.

While the game had already been released in the US, Australia, and New Zealand, it is yet to be formally released in India and is witnessing a delayed release in the UK.

Despite the fact that it had not been launched in India, the game is said to be fully functional.

Many users in India are said to be downloading the Pokemon Go APK file and installing the game. The APK file being downloaded had not been authorised by  Google and does not feature in the Google Play Store and could potentially pose a huge risk, according to commentators.

Security firm Proofpoint has come across a particular Pokemon Go APK file that reportedly installed a malware called DroidJack that put sensitive user data at great risk. When the  malicious Pokemon Go APK file is downloaded it asks users to grant permissions that go well beyond what were required by the original app.

However, while the app featured some minor changed to very closely resemble the original app, there were a few warning signs one needed to keep an eye out for.