The release of "Pokemon Go" has sparked a frenzy among players and prompted a raft of warnings from lawmakers eager to prevent fans from putting their lives in danger.
But the fevered anticipation of the game has also created opportunities for attackers, a cybersecurity software firm said.
"The vulnerability from 'Pokemon Go' is due to the fact that Nintendo didn't have a global release of the game," said Michael Petit, Africa, Middle East and Asia head of mobility at Check Point Software Technologies.
The mobile gaming app first rolled out in the U.S., Australia and New Zealand in the first week of July, becoming an instant smash hit and rocketing up the most-downloaded lists on app stores. It was released in Germany on Wednesday.
Given the limited release, some eager users might be tempted to download the game from unverified third-party app stores, which could expose them to downloading malicious apps that may be used to steal sensitive information or spy on the user, Petit explained.
Cybercriminals can actually repackage the "Pokemon Go" app for Android, and turn it into a malware, explained a Check Point Wednesday blog post.
Petit said these malicious apps have remote access tools, which allow attackers to take control of the unsuspecting user's smartphone.
"Pokemon Go" game developer Niantic Labs did not immediately respond to requests for a comment.
The best advice for those keen on playing the game outside the countries it has been released in? Just be patient, it's arriving in "a few days," Petit added.
The Wall Street Journal reported that people familiar with plans for the game said "Pokemon Go" will launch in Europe and in Asia "within a few days" but there were no official comments on the launch timeframe.
The augmented reality mobile game has been installed more than 15 million times on the App Store and Google Play, and user engagement is very strong compared to other of iOS's most popular apps, according to statistics from app analytics company Sensor Tower.
On July 11, Sensor Tower reported that the average iPhone user in the U.S. spent 33 minutes on "Pokemon Go," which was ten minutes more than the time spent on the Facebook mobile app.
Despite its popularity, "Pokemon Go" has also attracted controversy.
In Missouri, four people were charged with armed robbery after targeting their victims through "Pokemon Go," while in Oregon, a man was stabbed by a passerby in the street as the victim walked while playing "Pokemon Go" on his phone.
Police officials in the U.S., Australia and New Zealand have issued warnings to players about the potential accidents that could occur if they weren't careful while playing the game.
Last week, it was discovered that a software bug led to iPhone users granting the "Pokemon Go" app full-access permission for the user's Google account, without the user knowing, The Verge reported.