
Malware posing as Super Mario Run is infecting devices

Attackers are taking advantage of the popularity of “Super Mario Run” to spread malware through fake Android Application Packages (APKs) and steal users’ banking credentials.

Nintendo’s Super Mario Run broke records with its release last month and was one of the top 10 most downloaded games of 2016. The game was released to iOS users only. After that, Nintendo listed the game on the Google Play store for pre-registration, but no date has been announced yet for when it will be made available to Android users.

Hackers are taking advantage of the game’s popularity and spreading the “Android Marcher” malware through fake APKs online. A similar scam also occurred when Pokémon Go was released.

What is ‘Android Marcher’ malware?

A global cloud-based information security company, Zscaler, describes the Marcher Trojan as,

“Marcher is a sophisticated banking malware strain that targets a wide variety of banking and financial apps and credit cards by presenting fake overlay pages. Once the user’s mobile device has been infected, the malware waits for victims to open one of its targeted apps and then presents the fake overlay page asking for banking details. Unsuspecting victims will provide the details that will be harvested and sent out to the malware’s command and control (C&C) server.”

How does it attack?

Taking advantage of users’ impatience for the game, attackers have disguised the malware as Super Mario Run in the form of APK files. Marcher malware details:

  • Name: Super Mario Run
  • Package Name: uiq.pizfbwzbvxmtkmtbhnijdsrhdixqwd
  • MD5: d332560f1fc3e6dc58d94d6fa0dab748
  • Detections: 12/55 (at time of analysis)

Upon installation, the malware asks for multiple permissions including administrative rights. After that, the malware locks users out of Google Play until they input their credit details. The full list of targeted apps can be seen here.

   

How to avoid getting infected?

  • Android Marcher has been around since 2013 and it continues to target the financial information of users. Users should download apps only from trusted sources like Google Play and should not fall victim to the infected APK files.
  • Also, users should not provide their banking information in an overlay when launching banking apps.
  • Keep an eye on the permissions an app requires while installing. Do not grant administrative rights to any app.
  • Also, users can pre-register for the game at Google Play and they will be informed by a notification from Play store whenever the game is available for download.
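
For analysts who receive a suspect "Super Mario Run" APK, the indicators listed above and the administrative-rights request can be checked statically, without installing the file. The following is an added example, not code from this article or from Zscaler. It assumes a raw byte search of the binary AndroidManifest.xml is an acceptable heuristic (it is not a full manifest parser), and `build_sample` creates a constructed stand-in file, not a real APK.

```python
import hashlib
import io
import zipfile

# Indicators copied from the article's "Marcher malware details" list.
IOC_MD5 = "d332560f1fc3e6dc58d94d6fa0dab748"
IOC_PACKAGE = "uiq.pizfbwzbvxmtkmtbhnijdsrhdixqwd"
# Real Android permission that guards device-administrator receivers.
DEVICE_ADMIN = "android.permission.BIND_DEVICE_ADMIN"


def _in_manifest(manifest: bytes, text: str) -> bool:
    """Binary AndroidManifest.xml stores strings as UTF-8 or UTF-16LE."""
    return text.encode("utf-8") in manifest or text.encode("utf-16-le") in manifest


def triage_apk(apk_bytes: bytes) -> dict:
    """Return static findings for one APK file; nothing is installed or run."""
    md5 = hashlib.md5(apk_bytes).hexdigest()
    findings = {"md5": md5, "md5_match": md5 == IOC_MD5, "package_match": False,
                "requests_device_admin": False, "error": None}
    try:
        with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
            manifest = apk.read("AndroidManifest.xml")
    except (zipfile.BadZipFile, KeyError) as exc:
        findings["error"] = f"not a readable APK: {exc}"
        return findings
    findings["package_match"] = _in_manifest(manifest, IOC_PACKAGE)
    findings["requests_device_admin"] = _in_manifest(manifest, DEVICE_ADMIN)
    return findings


def build_sample(manifest_strings, encoding):
    """Constructed test input: a zip whose manifest holds the given strings."""
    body = b"\x03\x00\x08\x00" + b"\x00".join(s.encode(encoding) for s in manifest_strings)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", body)
    return buf.getvalue()


if __name__ == "__main__":
    fake = build_sample([IOC_PACKAGE, DEVICE_ADMIN], "utf-16-le")
    print(triage_apk(fake))
```

A hash match identifies only the exact sample analysed; the package-name and device-admin checks are the ones that can still fire on a repacked variant, and a device-admin request alone is a reason to look closer, not proof of Marcher.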

Source: Zscaler

Maheen Kanwal

Maheen Kanwal is a Tech Journalist at TechJuice. She covers the latest technological, telecom and business related, local & global news. (Reach at maheen@techjuice.pk)
