Crypto malware found in Super Mario game


It appears that crypto-malware has again found its way into a popular game. As it happens, this is not even the first time this particular game has been affected. Read on to find out more.

Super Mario 3: Mario Forever

This is the game in which people recently found crypto malware. It is a fan-made game that first saw the light in 2004, and it has had a shaky history with malware before. This time, though, it appears to have been a trifecta of bad stuff. People who recently installed the game from a legitimate installer found themselves unknowingly installing an XMR miner, the SupremeBot mining client, and the open-source Umbral stealer.

It is the large file size and the game's complexity that make it, and other similar games, a prime target for piggybacking malware. Because of those things, it is relatively easy for nefarious actors to hide malware within the game's installer, as is evident in this latest instance, where not one but three pieces of malware sneaked in.

I have managed to get a hold of Super Mario for an interview regarding these issues. Let's jump right to it, shall we?


Mario during phone interview

"First I would like to thank you for taking the time to talk to me over the phone. I would like to start off by asking you if you prefer people to call you Super Mario or just Mario?"

"It's-a me, Mario!"

"Ok, Mario it is, thank you for clearing that up for me Mario. It has been on my mind since my childhood. What do you make of the reports that malware has been found several times in a Super Mario game, even if it is "only" a fan-made one?"

"Mamma mia!"

"Do you or perhaps Luigi plan to do anything to try and stop these bad actors from taunting your good name, perhaps warn your fans about this?"

"Let's a GO!"

*phone hits the ground and the faint sound of B button running can be heard*

"I guess that's it, again thank you Mario for taking the time to talk to me on the phone. And you heard him people, it is time we put an end to these bad actors, Let's a GO!"

The malware

The first one is an $XMR miner, or if you will, a miner that mines Monero. The way this is usually set up is that the mining malware uses the host's hardware to mine crypto and sends it to the wallet of the person behind the malware. Normally wallets like this can be flagged and blocked to some degree. But as Monero is a privacy coin, it has the option to hide transactions, making them much harder to track, possibly even impossible.


Monero

I have not been able to find much information on the SupremeBot mining client. But I assume it is something similar to the XMR miner, where they exploit the hardware to mine and send the proceeds to their wallet. I assume, though, that this miner is used to mine something that complements Monero. What I mean by this is most mining is done by the CPU. And there are primarily two types of algorithms that are used. One is memory intensive, meaning it for the most part only utilizes the memory of the GPU. The second type is core intensive, meaning it primarily uses the CPU of the GPU. In Monero's case, it can be mined by using the CPU, the processor of the computer, directly. It is not the optimal way to mine, though. But it would leave this miner full freedom to mine with the GPU.

While these two miners sap your computer's resources, making it slower to extremely slow, they, as far as I know, pose no great threat to your information or your crypto. But this is where the third malware comes into play, the open-source Umbral stealer. Among the long list of things it can do: it steals your wallet and your passwords, adds a virtual machine, and copies your cookies. And these are just the things I think are the really bad ones. In a nutshell, it can do some major damage if allowed to roam freely.

Making the problem worse

There are two things that are making this problem "worse", for lack of a better word. The biggest one is most likely the recent Super Mario movie, which has made the character and the games more popular. The second one is that there is a long history of fan-made games surrounding the Super Mario franchise. This means that people most likely have a lowered guard when it comes to these games.

Hopefully, you will exercise caution when downloading stuff on the internet.

Have you been the victim of malware? If so, please share your experience and what you did to remedy the situation. Also, please share any good countermeasures you have against this type of malware. The comment section is all yours.


See you on the interwebs!

Picture provided by: https://unsplash.com/, https://pixabay.com/, Fair use
