Mobile Games and Criminal Activity
In this weekâ€™s briefing, we will have a look at the new and expanding opportunities mobile games offer to criminals.
Nintendoâ€™s recently released â€œPokÃ©mon Goâ€ mobile game will serve us as an example.
The game was launched last week and quickly became the top-downloaded and top-grossing app on iOS and Android in many regions. This popularity has made it attractive to criminals targeting players both in cyber and traditional settings.
A large number of websites providing illegitimate copies of software for iOS and Android devices exists. While they mostly aim to pirate paid software and provide it for free, the region-based rollout of PokÃ©mon Go has resulted in many users in regions where the game is not yet available turning to said illegitimate sources to download the free game ahead of schedule.
Hackers quickly identified this trend and started bundling the game with malware before providing it for download. Users downloading the bundled versions would therefore infect their phones with malware as they installed the game.
This phenomenon seems to have primarily targeted Android phones but in principle the same attack can target users of jailbroken iOS devices. The hype built up around games such as this one can help to override the care and scepticism of users. Users are advised to only acquire software from trusted sources such as the Google Play Store or Apple AppStore.
Companies providing work phones to employees should ensure that only trusted software can be installed on the devices. Networks that employees may connect private phones to are expected to experience an increase in attacks originating from infected mobile devices in the coming weeks.
The more interesting abuse of PokÃ©mon Go has its roots in the AR- and walking-based gameplay of the game. Certain locations in the real world hold special significance within the game, leading many players to physically visit them.
However, the locations are semi-automatically determined, meaning that some key locations fall into dangerous or hard to surveil areas.
Criminals quickly identified key spots in secluded areas and started mugging and robbing players trying to visit them.
This phenomena highlights the growing connection between cyber-crime and traditional crime. While the robbers arenâ€™t cyber-criminals, they are abusing the properties of a digital asset to lure victims into a traditional ambush.
As the interplay between the digital and real world strengthens we predict an increase in similar crime.
Players are advised to use common sense when traveling the real world while playing any form of AR games. Parents of players are advised to discuss the physical dangers that can result from wandering into dangerous areas while playing with their children.