Pokemon Go players in Thailand and around the world have been told to make sure their smartphone security software is up to date following the discovery of a malicious Android app.
Security experts have found that hackers are targeting Pokemon Go players and ticking them into downloading the malicious apps in order to steal personal details, passwords or even hijacking their phone.
One of the malicious apps, called Guide for Pokemon Go New, has been downloaded almost 500,000 times, with almost 10,000 successful infections, reports cyber security firm Kaspersky Labs.
The app, which has been available to download since July, despite Kaspersky Labs claiming they warned Google about its risk, has infected devices in the UK, Canada, India, Russia, Indonesia and Thailand.
The malicious Pokemon Go app, which is a form of Trojan malware, avoids detection meaning that most users do not even realise their device has been infected.
Once the app has been installed on the device, it lays dormant until instructed by a central server belonging to the hackers. It then starts installing other potentially malicious apps as well as hijacking web browsers and displaying unsolicited ads on the device.
“In the online world, wherever the consumers go, the cybercriminals will be quick to follow. Pokémon Go is no exception,” said Roman Unuchek of Kaspersky Labs.
“Victims of this Trojan may, at least at first, not even notice the increase in annoying and disruptive advertising, but the long term implications of infection could be far more sinister. If you’ve been hit, then someone else is inside your phone and has control over the OS and everything you do and store on it.”
Kaspersky also advises any user who thinks they may have been infected with malware to install antivirus software and scan their device. Users should also always ensure that their software is kept up to date.