Android Users Beware Of Fake Super Mario Run Apps

Nintendo’s Super Mario Run app became an instant hit when it was released towards the end of last year, making history after being downloaded more than 40 million times in the first four days after its release.

However, an Android version does not yet exist, but hackers have quickly jumped on the popularity of the iOS app and are spreading malware posing as an Android version of the game.

According to cloud security firm Zscaler, the “Android Marcher trojan” appears as a fake landing page advertising the release of the game, where it can be downloaded onto users’ devices.

Mario, run!

Marcher is a sophisticated banking malware that targets a wide variety of financial apps and credit cards. Once it has been downloaded onto a user’s device, it waits for one of its targeted apps to be opened and then presents a fake overlay page asking for banking details.

Once provided, this information is “harvested and sent out to its command and control (C&C) server”.

Once installed, the malware asks for multiple permissions, including administrative rights to allow it to do things such as modify system settings and read your contacts. It then presents fake credit card pages once an infected user opens the Android Play Store, locking them out of the actual store until the information has been provided.

“Android Marcher has been around since 2013 and continues to actively target mobile user’s financial information,” says Zscaler’s Viral Gandhi. “To avoid being a victim of such malware, it is always a good practice to download apps from trusted app stores such as Google Play. This can be enforced by unchecking the ‘Unknown Sources’ option under the ‘Security’ settings of your device.”

As different strains of malware continue to be created at a rapid rate, security is becoming a serious concern for Android users.

In the last few months alone, various Android trojans have targeted German banks by posing as an email application, stolen credentials from more than 2,000 financial apps and tricked users into handing over personal information through pictures and videos.

Quiz: Test your knowledge on the mobile app revolution

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Amazon Alexa Recovers After Morning Outage

Alexa wake up alarm didn't work this morning? Smart lights didn't turn on? Outage of…

3 days ago

UK, Australia Reach Cyber, Critical Tech Agreement

Australia says it will 'fight back' against nation state cyberattacks, after agreements with the UK…

3 days ago

Italian Regulator Recalculates Apple, Amazon Fines

Italian regulator admits it has redetermined the fines against Apple and Amazon, over the sale…

3 days ago

Red Cross ‘Appalled’ As Hackers Steal Humanitarian Data Of 515,000 People

A new low. International Committee of the Red Cross shuts down reunification system, after hackers…

4 days ago

Russia Proposes Ban On Cryptocurrencies, Crypto Mining

Russia's central bank has this week proposed the banning on the use and mining of…

4 days ago