Crypto malware found in Super Mario game. Latest news.

Hackers are using the recent surge in popularity of the Super Mario Bros. franchise to secretly install crypto malware on unsuspecting gamers’ personal computers. Cyble Research & Intelligence Labs reported on Friday that a legitimate installer for the fan-made game “Super Mario 3: Mario Forever” includes an XMR miner, the SupremeBot mining client, and the open-source Umbral stealer in addition to the actual game.

According to Cyble, “The social engineering tactics that TAs use exploit users’ trust and entice them to download and run malicious game installers. The large file size and games’ complexity provide TAs opportunities to hide malware within them.” Mario Forever, a 2004 sidescroller game featuring dozens of free levels emulating the feel of the main series Mario games, has been downloaded at least 17 million times, according to a CNET downloads listing for the game.

The first program within the malicious installer, a Monero (XMR) miner, can be especially effective when infecting gamers’ PCs, since their powerful computer hardware is exactly what’s needed to mine several popular cryptocurrencies. Hackers can exploit such energy-intensive resources to produce crypto in blockchain addresses that they control, all at their victims’ expense.

XMR in particular is designed as a privacy coin, meaning its transactions aren’t easily tracked on the blockchain like Bitcoin (BTC) or Ethereum (ETH). Many exchanges have banned XMR at regulators’ orders to prevent criminals from using those coins for laundering money or cashing out proceeds.

Stealing Gamers’ Wallet Information

Cyble describes the accompanying Umbral Stealer as a “lightweight and efficient information stealer,” which can take private information including passwords, webcam images, and even crypto wallet info. The app targets wallets for networks including Ethereum, ZCash, and Bytecoin, and specifically searches for Atomic Wallet, which was already hacked for $35 million earlier this month.

Hackers stealing sensitive information may demand ransom from their victims, for which crypto has become an especially popular tool over time. Unlike wire transfers, crypto transactions are irreversible and often better at protecting a hacker’s identity.

Although an old game, Mario Forever has a long-running legacy as a fan-made game based on the iconic plumber. The franchise received a fresh resurgence in popularity after the release of The Super Mario Bros. Movie this year, which has since become the second-largest animated box office hit of all time, worldwide.

We will continue to update Phone&Auto; if you have any questions or suggestions, please contact us!


Was this article helpful?

93 out of 132 found this helpful

Discover more


Humorous and Professional Announcement from HTX Exchange

HTX, a popular digital asset exchange, has announced the resumption of deposit and withdrawal services for top crypto...


Justin Sun's platform, Poloniex, was hacked for over $100 million. The hackers then bought TRX, causing its price to skyrocket.

Poloniex lost over 114 million USD to a hacker attack, with the hacker using the stolen funds to purchase TRX, causin...


Ether.Fi will launch the ETHFI token on Binance Launchpool next week.

Liquid restaking protocols, such as Ether.Fi, utilize Ethereum's proof-of-stake blockchain to enhance the security of...


Justin Sun unstakes 20,000 ETH from Lido Finance. What's happening?

Justin Sun, the co-founder of Tron, has successfully transferred 20,000 Ethereum (ETH) from Lido Finance to Binance u...


Curve's value increases by 22% as the founder sells CRV tokens to repay an Aave loan.

Curve experiences significant growth, with a 22% increase, thanks to the founder's successful sale of CRV to influent...


Kelp DAO Introduces KEP Token, Making Ethereum Restaking More Liquid

Kelp DAO's latest development, the KEP token, is set to enhance liquidity for EigenLayer Points, providing valuable o...