We have told you about the fact that Super Mario Run has not yet been released for Android, but that is not stopping people from trying to download the game. The issue is that there are many fake Super Mario Run games out there, and now malware is being attached to those fake versions of the super popular iOS game.
Banking Malware Hits Fake Super Mario Run Android Apps
There are many different versions of Super Mario Run available on third-party Play Stores and other websites that claim to be for Android. At this time, it is important to reiterate, Super Mario Run is not out for Android, although it could be coming out any day. People are downloading these fake versions of Super Mario Run and ending up with the Marcher banking Trojan. The Marcher banking Trojan is a type of malware that cybercriminals have been using for a while now, and it is bad news for your Android device.
If you have not heard of the Marcher banking Trojan before, it is a piece of malware that has been around since 2013. This malware will end up tricking people into installing it, sometimes posing as software or system updates for Android. Once the user downloads this malware and installs it, they are asked to enter their bank details into a fake page that is overlaid. That banking information is then put directly into the hands of the cybercriminals who want the banking information for nefarious reasons. It should be obvious that if a website asks you for your banking information that it is likely a scam, but people still fall for this scam on a daily basis.
Zscaler researchers are now warning Android users that this Marcher banking Trojan is now in the third-party fake Super Mario Run downloads. The malware will disguise itself as Super Mario Run, and then will try to steal both account information and credit card information from the user. What happens is that once you think you are downloading Super Mario Run, the fake malware will ask for several permissions to be granted. Some of these permissions include various administrative rights for the Android device. Once the device has been infected, then the malware will monitor the device and steal your login information. This malware first showed up on the Russian underground sites, but then quickly spread to become a worldwide problem.
The malware will steal the login information of payment services and also of bank logins and passwords. The financial services are not the only types of information that this malware will steal though. This malware will steal information for websites like Gmail, Google Play, Skype, WhatsApp and Facebook. This login information is then used to carry out more types of fraud, such as identity theft or possibly blackmail.
Marcher was dubbed one of the most prevalent types of threats to Android by Zscaler. The worst part about this banking malware is that it can affect all of the versions of Android’s operating system, so it does not just impact Marshmallow or Nougat. The older your Android version is or the newer your Android version is, with this malware it does not matter as the malware can hit your device the same way.
If you have an Android device, the best way to avoid the Marcher malware is to download your apps right from Google Play. This means that if you want to play Super Mario Run, you will need to wait until the official version is released in the Google Play Store. Downloading fake versions of games like Super Mario Run or just downloading apps from third-party websites in general, puts your Android device at the highest risk of becoming infected. You also want to make sure that you are not downloading apps from untrusted sources, even if that app is in the Google Play Store, as sometimes the untrusted apps can make their way into Google Play before being found.