Android Users Beware Of Fake Super Mario Run Apps

A fake, credit card-stealing Android version of Mario Super Run is doing the rounds

Nintendo’s Super Mario Run app became an instant hit when it was released towards the end of last year, making history after being downloaded more than 40 million times in the first four days after its release.

However, an Android version does not yet exist, but hackers have quickly jumped on the popularity of the iOS app and are spreading malware posing as an Android version of the game.

According to cloud security firm Zscaler, the “Android Marcher trojan” appears as a fake landing page advertising the release of the game, where it can be downloaded onto users’ devices.


Mario, run!

Marcher is a sophisticated banking malware that targets a wide variety of financial apps and credit cards. Once it has been downloaded onto a user’s device, it waits for one of its targeted apps to be opened and then presents a fake overlay page asking for banking details.

Once provided, this information is “harvested and sent out to its command and control (C&C) server”.

Once installed, the malware asks for multiple permissions, including administrative rights to allow it to do things such as modify system settings and read your contacts. It then presents fake credit card pages once an infected user opens the Android Play Store, locking them out of the actual store until the information has been provided.

“Android Marcher has been around since 2013 and continues to actively target mobile user’s financial information,” says Zscaler’s Viral Gandhi. “To avoid being a victim of such malware, it is always a good practice to download apps from trusted app stores such as Google Play. This can be enforced by unchecking the ‘Unknown Sources’ option under the ‘Security’ settings of your device.”

As different strains of malware continue to be created at a rapid rate, security is becoming a serious concern for Android users.

In the last few months alone, various Android trojans have targeted German banks by posing as an email application, stolen credentials from more than 2,000 financial apps and tricked users into handing over personal information through pictures and videos.

Quiz: Test your knowledge on the mobile app revolution