Super Mario Bros 3: Mario Forever is a PC fan game based on the Super Mario Bros. franchise. It was first released back in 2004.
If you are a classic Super Mario Bros. fan, you might be tempted to try out the free-to-play fan remake. However, be warned, some versions of the game are infected with malware that can hijack your computer.
As shared by researchers from Cyble, via BleepingComputer, it was recently discovered that threat actors are distributing a trojanized version of the game containing hidden malware that can severely damage your system. The malware consists of two components: a crypto-miner and a data-stealer.
The trojanized game downloads a crypto-miner that mines Monero (XMR) using your computer’s resources and power. The process can severely slow down your computer’s performance and increase your electricity bill.
Secondly, the executable installs a data-stealing program that extracts sensitive information from your browser, such as passwords, cookies, cryptocurrency wallet credentials, and credentials for various online services, including Discord, Minecraft, Roblox, and Telegram.
The program can also take screenshots of the infected computer’s desktop and use connected webcams and mics to record media.
According to Cyble, the malware is delivered through a modified game installer that runs in the background while the game is installed. The researchers are not sure how the infected versions of the game are being spread, but they suspect they are being shared on gaming forums and social media groups. It is likely that the link to the infected game is being shared on Reddit by unsuspecting users.
The lesson here is simple: be careful about what you download. You should only download games and applications from official sources, and make sure to scan downloaded executables before running them.
Image credit: Mario Forever
Source: Cyble, via BleepingComputer