Pokemon Go could pose a serious security hazard, according to security expert Gary Miliefsky.
Gary Miliefsky, CEO of cyber-security firm SnoopWall, says the new augmented reality (AR) game app that’s sweeping the world collects a troubling amount of user data, behaving suspiciously like creepware.
“Creepware is a form of malware that spies on you for whatever reason the developer chose – either to listen in on your microphone, covertly take pictures of you and your surround[ing]s or even worse, to ultimately steal your identity by grabbing your name, phone number, email, address and of course one or more of your credit cards and/or bank account login information.”
According to Miliefsky, apps like these get away with accessing a large amount of user permissions because users tend to accept the terms and conditions of the app instantly without further investigation.
Miliefsky warns that, while Pokemon Go might not have any malicious intent with its information gathering, that data could easily fall into the hands of hackers with less benign motivations. Worse still, even without any hacking involved, the data directly shared by the app to other users can pose a serious threat, especially to young children playing the game alone outside.
“Your child will be in a live game experience where they are constantly geolocated by other players, who could be adult predators (pedophiles) and the company that makes the game warns you that they now have the right to ship all the information they collected on you the approving parent and your children overseas.”
One read through the often-skipped terms and conditions of Pokemon Go gives a chilling picture of the power granted to the app over personal data:
“The App is a location based game. We collect and store information about your (or your authorized child’s) location when you (or your authorized child) use our App and take game actions that use the location services made available through your (or your authorized child’s) device’s mobile operating system, which makes use of cell/mobile tower triangulation, wifi triangulation, and/or GPS. You understand and agree that by using our App you (or your authorized child) will be transmitting your (or your authorized child’s) device location to us and some of that location information, along with your (or your authorized child’s) user name, may be shared through the App. For example, when you take certain actions during gameplay, your (or your authorized child’s) user name and location may be shared through the App with other users who are playing the game. We may also use location information to improve and personalize our Services for you (or your authorized child).”
This is not the first time that Pokemon has been suspected of being a tool for nefarious purposes. Irreverent animated comedy show South Park, in the episode titled “Chinpoko Mon,” parodied Pokemon’s viral rise in the Western world. In the episode, Chinpokomon is an animated series and merchandise franchise taking America by storm, but is revealed to be a secret Japanese plot to manipulate the American public into waging war against their own country.
Follow us on Facebook