Pokemon Go: 7 tips to keep you safe from hackers
POKEMON Go is breaking new ground in augmented reality gaming.
But according to the makers of award-winning antivirus and malware software protection programs, it is unprecedented in its requests for permissions.
Bitdefender says the demand for Pokemon Go is so high that it has become an obvious target for hackers.
Researchers have already found a malware-infected version of the Pokemon Go app for Android.
The malware, called DroidJack, is part of the AndroRAT family, a remote access Trojan that provides backdoor functionality and access to people's mobile devices.
Bitdefender says Droidjack is not a new threat.
In December 2015, police cracked down on people who bought DroidJack from underground forums where it was sold for around $200.
Police have raided homes across Europe and the US, arresting people suspected of installing the mobile phone malware to spy on their spouse, friends or neighbors.
Pokemon Go warning for iOS users
In a statement, Bitdefender issued a word of warning for players of the game on iOS.
"The Pokémon Go app seems to request more permissions than it needs. Signing into the app via a Google login reportedly gives the developer, Niantic, full access to users' Google accounts.
Niantic says the app can access only basic Google profile information, despite the message in the permissions' window, and is working on a client-side fix. The Android version does not have the same issue.
Word of advice for users planning to download this and other popular mobile games:
1. Beware of rogue applications posing as genuine games. Since Pokemon Go is officially available for download only in the US, Australia and New Zealand, the temptation to download it from third-party market places is huge. Yet copycats may carry malicious code that takes full control of the device, collecting users' personal data and clicking on ads in the process. In fact, 19.55 percent of global threats are fake apps that install malware or highly aggressive adware, according to Bitdefender's Android Threat Report for the second half of 2015. So it's best to download apps only from official app stores.
2. Install a security solution suitable for your mobile device to identify malicious applications before they're installed and discover the privacy impact of apps already installed.
3. When installing an app, review the permissions it requires and remove unnecessary ones. In this case:
• Head to Google's security page and look for Pokémon Go.
• Select Pokémon Go, then click "Remove" to revoke full access.
• Launch the game on your device.
4. Check reviews about the app and the developer before installing a new application.
6. As a general rule, don't download fake apps posing as software updates, sent in unrequested emails.
7. Also, avoid jailbreaking your device unless you know how to protect it from threats and can take full responsibility for its security. Jailbreaking will disable the "sandboxing" feature of the iOS, an essential piece of the operating system's security architecture.
The real-world adventure game also exposes users to physical risks, so stay aware of your surroundings to avoid falling prey to thieves, trespassing and even stumbling on a dead body.