Tuesday, May 28, 2024

Beware : Super Mario Run Android game is Actually Malware. Don’t Download it

Super Mario Run is anticipated to dispatch in the Google Play Store in the coming weeks, after beforehand going live on iOS on December 15, and cybercriminals are attempting to profit by the energy produced by Nintendo’s new title utilizing another influx of malware.

introducing a honest to goodness amusement, the supposed Super Mario Run application for Android was intended to introduce Marcher, a sophisticated banking malware strain capable of stealing victims banking and credit card information. For that, the Trojan uses fake overlay pages on top of true blue applications.

Security company zscaler warns that malware disguised as Super Mario Run for Android is now spreading across the Internet, with users encouraged to download APKs that eventually infect devices and attempt to steal financial information.

Like previous Marcher variants, the current version also presents fake credit card pages once an infected victim opens the Google Play store. The malware locks out Google Play until the user supplies the credit card information as shown below:

As per zscaler Report, the malware asks for multiple permissions including administrative rights as shown below.

“Once it infects an Android device, it opens an overlay that requires users to enter their financial details whenever mobile banking apps are launched, and collected data is then saved and submitted to a command and control center owned by the attacker”

In most of the cases, the Google Play Store can no longer launch as users are provided with the same overlay asking for financial details.

“In previous variants of Marcher, we observed this malware family targeting well-known Australian, UK, and French banks. The current version is targeting account management apps as well as well-known banks,” zscaler says.

Here’s the percentage of users who have downloaded fake Super Mario game apps on their Android devices:

Android Marcher has been around since 2013 and proceeds to effectively target versatile clients’ budgetary data. To abstain from turning into a casualty of such malware, it is a decent practice to download applications just from trusted application stores, for example, Google Play.

Website

Latest articles

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...

Hackers Exploit WordPress Plugin to Steal Credit Card Data

Hackers have exploited an obscure WordPress plugin to inject malware into websites, specifically targeting...

Google Patches Chrome Zero-Day: Type Confusion in V8 JavaScript

Google has released a patch for a zero-day exploit in its Chrome browser.The...

Hackers Created Rogue VMs in Recent MITRE’s Cyber Attack

State-sponsored hackers recently exploited vulnerabilities in MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE).They...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles