Jigglypuff, Snorlax, Pikachu and others have come back to haunt us 2016, thanks to Pokémon Go, a mobile augmented reality game that appears to be a runaway success for developer Niantic. It's like the 1990s all over again, only very, very different.

New Zealand, the United States and Australia got Pokémon Go first as a beta, and have people gone for the game or what? Analyst firm Similarweb believes the game will have more daily active users after just a few days than social network Twitter, and is installed on more Android devices than dating app Tinder even.

When the rest of the world is let in on Pokémon Go, it might just take down the internet - well maybe not quite, but the amount of interest and ensuing traffic generated is already enormous, and that's just from three countries.

It's all harmless fun, earning Niantic and others big chunks of money of course as millions et onboard and spend a few dollars each on the in-app purchases.


This is 2016 however and as you would expect, digital criminals and real-life bandits will not hesitate to have a go with a juicy target like Pokémon Go.

In New Zealand, the Hell's Angels club in Whanganui has been set down as a pokestop. That's probably not the best place to wander into with your smartphone to catch some Pokémons.

Over in the American state of Missouri, the police in the city of O'Fallon, on the outskirts of St Louis, is warning Pokémon hunters that armed thugs have been luring players with bait and robbed them. The robbers have been arrested.

The game itself is being subverted too. Players are being asked to "sideload" Pokémon Go for Android by game tutorials on the internet which means installing it from unknown sources rather than the official Google Play app store that vets what's published to keep users safe.

Sideloading bogus Pokémon Go apps is a really bad idea: you're likely to have your device infected by a nasty remote access tool, or RAT, that nasty people have attached to the game.

The lesson for developers of anything is of course that there really is a law of unintended consequences.

A RAT gives attackers full control over your device, and that means everything: the phone, the camera on it, the microphone and more. Doing this could not only allow criminals spy on you remotely, but to run up huge bills by abusing your phone's connections. Don't do it.

Nothing of the above will stop the success of the game of course. Things could possibly go more wrong, and I hope they won't and that everyone playing Pokémon Go will be safe, along with their devices.

The lesson for developers of anything is of course that there really is a law of unintended consequences. If you're successful and your game or other app becomes a super mega hyper hit like Pokémon Go, it will attract bad people who make it their business to hurt others.


Millions of Pokémon Go players represents not just a massive opportunity, but a huge responsibility as well. That's a situation which is nothing new as such, but the internet with its immediate access to enormous global audience that connect to each other globally and locally makes it challenging, to say the least, to deal with.

When you meld the virtual domain with real world, think about what actually happens in the latter. Before something terrible happens, ideally.