Super Mario PC Fan Game Has Malware To Install Crypto Mining Software

Super Mario 3: Mario Forever, a leading PC fan game that is inspired by the Super Mario franchise by Nintendo, allegedly contains malware that can hijack crypto wallets and install crypto mining software. The game contains malicious software that steals data from infected devices.

Super Mario game contains malware

A report by Cyble Research & Intelligence Labs said that a legitimate installer for the Super Mario 3: Mario Forever fan game was compromising user devices. This installer contained an additional payload with excess malicious software that is used to steal data from the infected devices. The devices are later loaded with resource-intensive crypto mining software running in the background.

The Mario Forever project was first released in 2004 through the Softendo website. Mario Forever was inspired by the Super Mario franchise, with its popularity being attributed to free levels where players mimic the original Nintendo services. The game’s website indicates it has nearly 17 million downloads to date.

The report published by Cyble has also said that the game’s installer has also installed the XMR Miner. This miner software operates a Monero cryptocurrency miner in the background. The miner consumes the computing resource of the targeted device to target a malicious threat actor earning cryptocurrencies in the process.

Monero is ranked as one of the privacy coins available in the cryptocurrency industry. The coin is largely used by cybercriminals because blockchain transactions are not recorded on-chain.

This game will also install a file that will pave the way for downloads and enable the installation of the Umbral Stealer. According to the company, the information stealer is classified as lightweight and efficient.

The malware can be used to conduct a wide range of hacking campaigns against the targeted device. It can be used to steal user passwords, private information, webcam images, and information linked to crypto wallets. The Cyble researchers further said that the app is used to target Bytecoin, Ethereum, and Zcash wallet addresses.

Hacking campaigns against Nintendo

It is not the first time that the Super Mario franchise has been targeted by hacking campaigns. Additionally, Super Mario 3: Mario Forever is not an official game by Nintendo. However, the game has a long history as a leading fan game, and it has also achieved much popularity in the Mario franchise.

The animated film adaptation proposed this year also shows that people might also be downloading and installing the game for nearly two decades since the initial freeware release. The film was a major success for Nintendo, and it earned more than one billion dollars at the global box office, making it the most successful game in history.

Super Mario 3: Mario Forever has previously been targeted by hackers with the intention of gaining access to player PCs. A report that was published by Protos noted that the game had been subjected to past investigations that revealed this malware and trojan horses. The malware in question is installed on user devices using a legitimate installer.