Android Users Beware Of Fake Super Mario Run Apps

Nintendo’s Super Mario Run app became an instant hit when it was released towards the end of last year, making history after being downloaded more than 40 million times in the first four days after its release.

However, an Android version does not yet exist, but hackers have quickly jumped on the popularity of the iOS app and are spreading malware posing as an Android version of the game.

According to cloud security firm Zscaler, the “Android Marcher trojan” appears as a fake landing page advertising the release of the game, where it can be downloaded onto users’ devices.

Mario, run!

Marcher is a sophisticated banking malware that targets a wide variety of financial apps and credit cards. Once it has been downloaded onto a user’s device, it waits for one of its targeted apps to be opened and then presents a fake overlay page asking for banking details.

Once provided, this information is “harvested and sent out to its command and control (C&C) server”.

Once installed, the malware asks for multiple permissions, including administrative rights to allow it to do things such as modify system settings and read your contacts. It then presents fake credit card pages once an infected user opens the Android Play Store, locking them out of the actual store until the information has been provided.

“Android Marcher has been around since 2013 and continues to actively target mobile user’s financial information,” says Zscaler’s Viral Gandhi. “To avoid being a victim of such malware, it is always a good practice to download apps from trusted app stores such as Google Play. This can be enforced by unchecking the ‘Unknown Sources’ option under the ‘Security’ settings of your device.”

As different strains of malware continue to be created at a rapid rate, security is becoming a serious concern for Android users.

In the last few months alone, various Android trojans have targeted German banks by posing as an email application, stolen credentials from more than 2,000 financial apps and tricked users into handing over personal information through pictures and videos.

Quiz: Test your knowledge on the mobile app revolution

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

10 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

13 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

14 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

15 hours ago