en
Back to the list

Super Mario Game Is Loaded With Crypto Malware That Can Steal Your Coins

source-logo  decrypt.co 26 June 2023 15:26, UTC

A popular PC fan game inspired by Nintendo’s Super Mario franchise is reportedly rife with malware that can hijack users’ crypto wallets and even quietly install crypto mining software.

Cyble Research & Intelligence Labs reports that a legitimate installer for the fan game Super Mario 3: Mario Forever, also known as Super Mario Forever, comes with an additional payload overflowing with malicious software that can steal data from infected computers and load them up with resource-intensive crypto mining software that runs secretly in the background.

Mario Forever, first launched in 2004 via the Softendo website, is an unofficial game inspired by the classic Super Mario side-scrolling games, delivering dozens of free levels that recreate the vibe of the Nintendo originals. A CNET Downloads listing for the game shows nearly 17 million downloads to date through that website alone.

Cyble analyzes SupremeBot, a crypto-mining client leveraging a trojanized Super Mario game installer to spread Umbral stealer malware.https://t.co/X9NIrfpvMQ#Mario #Crypto #SupremeBot #UmbralStealer #Trojan #Darkweb #ThreatIntel

— Cyble (@AuCyble) June 23, 2023

Cyble’s report notes that the game’s installer also installed XMR Miner, software that quietly runs a Monero (XMR) cryptocurrency miner in the background. Doing so eats up a user’s computing resource for the benefit of a malicious actor who is earning crypto in the process. Monero is a notable “privacy coin” that hides transaction details from the public.

Furthermore, the game installs a file that ultimately leads to the download and installation of Umbral Stealer, which Cyble describes as a “lightweight and efficient information stealer."

It can snag users’ passwords, private information, webcam images, and even crypto wallet information, Cyble writes, adding that the app targets Ethereum, Zcash, and Bytecoin wallets, among others, and specifically Atomic Wallet.

Super Mario 3: Mario Forever is not an official Nintendo game, of course, but its long-running legacy as a prominent fan game and the enduring popularity of the Mario franchise—particularly with this year’s animated film adaptation—means that people may still be downloading and installing it nearly 20 years after its original freeware release.

Gods Unchained Hits Epic Games Store Ahead of Mobile Expansion

This apparently isn’t the first time that Super Mario 3: Mario Forever has helped scammers infiltrate players’ PCs. According to a report from Protos, the game has been the subject of past investigations revealing malware and trojan horses that use the apparently legitimate installer to infect users’ computers.

Decrypt reached out to Softendo for comment, but did not immediately hear back.

decrypt.co