Android Users Beware Of Fake Super Mario Run Apps

Nintendo’s Super Mario Run app became an instant hit when it was released towards the end of last year, making history after being downloaded more than 40 million times in the first four days after its release.

However, an Android version does not yet exist, but hackers have quickly jumped on the popularity of the iOS app and are spreading malware posing as an Android version of the game.

According to cloud security firm Zscaler, the “Android Marcher trojan” appears as a fake landing page advertising the release of the game, where it can be downloaded onto users’ devices.

Mario, run!

Marcher is a sophisticated banking malware that targets a wide variety of financial apps and credit cards. Once it has been downloaded onto a user’s device, it waits for one of its targeted apps to be opened and then presents a fake overlay page asking for banking details.

Once provided, this information is “harvested and sent out to its command and control (C&C) server”.

Once installed, the malware asks for multiple permissions, including administrative rights to allow it to do things such as modify system settings and read your contacts. It then presents fake credit card pages once an infected user opens the Android Play Store, locking them out of the actual store until the information has been provided.

“Android Marcher has been around since 2013 and continues to actively target mobile user’s financial information,” says Zscaler’s Viral Gandhi. “To avoid being a victim of such malware, it is always a good practice to download apps from trusted app stores such as Google Play. This can be enforced by unchecking the ‘Unknown Sources’ option under the ‘Security’ settings of your device.”

As different strains of malware continue to be created at a rapid rate, security is becoming a serious concern for Android users.

In the last few months alone, various Android trojans have targeted German banks by posing as an email application, stolen credentials from more than 2,000 financial apps and tricked users into handing over personal information through pictures and videos.

Quiz: Test your knowledge on the mobile app revolution

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago