Trend Micro has identified more malicious Android apps abusing the name of the popular mobile game Super Mario Run. We previously reported on how fake apps were using the app’s popularity to spread; attackers have now released versions of these fake apps that steal the user’s credit card information.
Super Mario Run is a mobile game that Nintendo first released on the iOS platform in September 2016, followed by the Android version on March 23, 2017. Mobile games have always proven to be attractive lures for cybercriminals to get users to download their malicious apps and potentially unwanted apps (PUAs). This is not the first time that the name of a popular game was abused; we’ve discussed how the popularity of Pokémon Go was similarly abused.
Based on feedback from the Smart Protection Network™, we saw more than 400 of these apps in the first three months of 2017 alone. In the same time frame, we saw 34 fake apps explicitly named “Super Mario Run”. It’s a noteworthy trend, as we saw the first of these only in December 2016.