NSHE Security Advisory: Mobile Banking Trojan Disguised as Popular Game


Nintendo recently released Super Mario Run for the iOS platform (iPhone), and in no time it has become a sensational hit. There is no Android version yet and no official news on such a release; however, cyber criminals are taking advantage of the game's massive popularity to spread malware posing as the Android version of Super Mario Run. A similar scam occurred during the release of another wildly popular Nintendo game, Pokemon Go. Just like that scam, the new Android Marcher Trojan is disguised as the Super Mario Run app and attempts to trick users with fake finance apps and a credit card page in an effort to capture banking details.

Because Android users are eagerly awaiting the game, the malware will attempt to present a fake web page promoting its release. The malware will ask for multiple permissions during installation, including administrative rights. It will also present a fake credit card page when an infected victim opens the Google Play store. The malware will lock out Google Play until the user supplies their credit card information.

To avoid becoming a victim of such malware, it is good practice to download apps only from trusted app stores such as Google Play. This practice can be enforced by unchecking or setting to “off” the “Unknown Sources” option under the “Security” settings of your device.