Android user? Beware of the Super Mario Run imposter!

by Gabriel E. Hall - - 2017-01-03

Super Mario Run has achieved a great success after being released on App Store last December. This iOS app from Nintendo has been downloaded over 40 million times just within a few days after its release and currently stands first in the Free Apps category^[1]. Of course, Nintendo has always been one of the leading gaming hardware and software producers, but its move to the smartphone market has totally been a game-changer. We should not forget the recent Pokémon GO craze^[2] which seemed to have engaged even the people who were not major gaming fans in the first place. However, the large popularity has its downsides as well. And one of the major ones is the special attention from malicious software developers. In the case of Pokémon GO, we have already seen what havoc the extortionists may cause by releasing a couple of fake apps disguised as the legitimate game^[3]. Unfortunately, it seems that the hackers are planning to ride the same wave with Super Mario Run as well as imposter apps like Super Mario Run APK are already beginning to show up.

Super Mario Run APK virus image

One of the main reasons for this is the fact the application is not yet available on Android devices. A similar strategy has been used to promote Pokémon GO virus when the original app release was still pending in some countries. Frankly, in both cases, the hackers are taking advantage of the users’ impatience and carelessness while obtaining new software. Apart from Super Mario Run APK, malware researchers from Trend Micro have reportedly discovered over 9,000 cases of forged Mario apps most of which originate from India and Indonesia^[4]. These are not comforting statistics, to put it mildly. Most of these apps, including Super Mario Run APK, aim to gain administrative privileges^[5] on the infected device and open the gateway for the hackers to deploy new malicious software, access personal data stored in the phone’s in-built memory and the SD card, or even break into social media accounts or banking platforms. As you can already imagine, the consequences of such breach may be disastrous.

If the application you are downloading requires you to disable Android’s security settings, it is a clear sign that there are some evil intentions behind it. You should always make sure that “Unknown sources” option in your security settings list is always disabled. Besides, if you really can’t wait for the Super Mario Run game to show up, you should take Nintendo’s advice and sign up to receive a newsletter when the official application finally comes out.

About the author

Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References

^ What counts as success for “Super Mario Run”. The Economist.
^ Rich Foreman. 4 reasons behind Pokemon Go's wild success. Startupgrind.com IT news site.
^ After security concerns with official Pokemon Go version, Pokemon Go virus comes up. Esolutions security news.
^ Jordan Pan. Fake Apps Take Advantage of Super Mario Run Release. Trend Micro antivirus malware investigation blog.
^ Swati Khandelwal. Did You Install Super Mario Run APK for Android? That's Malware. The Hacker News.