By Zsarlene B. Chua
FOR PEOPLE who grew up in the 1990s, Pokemon was a fixture in their lives. Our generation played with the cards and video games, and watched the cartoons. (My brother and I played Pokemon Red and Blue in Japanese using our Gameboy Color.) This all involved finding, training, and pitting “pocket monsters” against each other.
Back then, Pokemon subtly urged people to go out and meet friends and battle (or trade) “pocket monsters” with them using cable link systems. In fact, the only way to truly complete your collection of the original 151 characters was to trade Pokemons with a person playing Blue if you were playing Red, and vice versa.
Fast forward to this month, when Nintendo released Pokemon GO, an augmented reality game, in the US, Australia and New Zealand. It follows the basic premise of Pokemon (searching for “pocket monsters” to train and battle with each other). The app allows users to wander their neighborhood in search of Pokemon characters who pop-up as if in real life (i.e. on your phone).
Pokemon GO has not been released in the Philippines, though a report by the Wall Street Journal stated that the game might be released in Asia and Europe “within a few days.” But for those who can’t wait (like me) there’s another — risky — option, downloading Android Application Packages (APK) via third party sites for Android or by changing your Language & Region to Australia, US, or New Zealand and download from there.
I did that last week, loading the app from some random site, and, as your phone would probably warn you, “installing from unknown sources may be harmful to your device and personal data.” Don’t copy me, what I did was really dangerous.
Anyway, I downloaded it and ran it. It ran okay at first. The first generation starters (the characters Charmander, Bulbasaur and Squirtle) were giveaways, but what I saw (after realizing and grappling with the idea that I literally have to walk for this game to work) was a blank map. There weren’t any Pokemon at my location aside from the starters.
Reports have said that Niantic (the developer of the game) and Nintendo shut down servers to prevent access of the app because of illegal downloads.
Meanwhile, a report by TechCrunch on July 11 quoted security researchers at Proofpoint, a California-based cybersecurity company, who found out that there was a malicious Pokemon GO APK infected with a “remote access tool called DroidJack which would virtually give an attacker full access over a victim’s phone,” and that it was uploaded onto the Web less than 72 hours after the game was released in New Zealand and Australia.
The malicious software would, according to Proofpoint, include permissions not usually found in legitimate applications such as directly call phone numbers, record audio, modify contacts, read/receive/send SMS messages and that might mean one’s phone has been compromised.
“Installing apps from third-party sources, other than officially vetted and sanctioned corporate app stores, is never advisable… As in the case of the compromised Pokemon GO APK we analyzed, the potential exists for attackers to completely compromise a mobile device. If that device is brought onto a corporate network, networked resources are also at risk,” said Proofpoint’s article on their Web site.
Long story short, I uninstalled the app — because safeguarding my personal information is more of a priority than my quest to become a Pokemon Master — and decided to wait for the official release, even if the excitement was killing me. I did try to re-install it a few days later, just to see if it still works — it doesn’t. I couldn’t install it again and maybe it was for the best. — with a report from Bloomberg