Malware Targets Pokémon Go Users on Social Networks

Pokémon Go users searching social media for quick ways to level up should be wary of malware.

Though game players click links from social media accounts expecting tips, walkthroughs and other ways to level up, they instead get adware and malware that affect both desktop and mobile platforms, according to security firm Proofpoint.

Researchers found 167—about 30 percent— of 543 fraudulent Pokémon Go-related accounts across Facebook, Twitter and Tumblr. Of those, 44 featured links to download files, such as Downware Trojan and Android APKs.

The game poses a corporate security risk when infected devices connect to organizations’ networks, said an Infosecurity Magazine report.

Security issues climb along with the game’s popularity. At the game’s initial release, the Google log-in option gave the game full access to users’ emails and search history, which game-maker Niantic later changed. Fake apps popped up in Google Play that tricked players into spending money on bogus services or took over phones with porn ads, but Google removed them from the app store when researchers flagged them.