Super Mario Run is bad news for everyone -- especially Android users
When Apple announced that Mario was making his way to iOS, there was much rejoicing. But the excitement soon gave way to disappointment for several reasons. Firstly there was the price, with many feeling $9.99 was just too much to ask for what is, ultimately, a very basic, one button platformer.
Next there's the complaint that Super Mario run requires constant access to the internet -- many users have also grumbled that the game has eaten through large chunks of their monthly data allowance. Nintendo may have made a pretty penny from sales of the title in the first few days, but the company's share price has tumbled. On top of this, just as it happened with Pokémon Go, the initial success of the game is being used to push malware at users.
So we have the game hurting gamers' pockets. We have gamers who are disappointed (just look at the reviews in the App Store) that Super Mario Run is rubbish. We have a company seemingly losing value as a result of a release. So far, there are already lots of losers, but as the game is only available for iOS, how is it bad news for Android users?
Super Mario Run will make its way to Android, but for the moment it is an iOS exclusive. Apple made much of this earlier in the year, but clearly it is not news that has filtered through to everyone. Malware writers are only too aware that eager and impatient Mario fans with Android handsets are constantly searching Google Play and APK repositories to find out when the Italian plumber is going to hit their screens.
Such is the demand for Mario on Android that it would seem like madness not to provide something to plug a gap in the market -- and this is precisely what malware peddlers are doing.
TrendLabs reports that since 2012, there have been over 9,000 Android apps discovered that use the Mario name -- despite no official app existing for the platform. Since the announcement about Super Mario Run, instances of Mario-related apps and the number of installations has increased around the world.
Of course, not all of the downloads come from Google Play. There are plenty of third party app stores to choose from, and as these are generally less closely monitored, they prove to be a dangerous source of malware riding a tide of popularity. One such app is "Super Mario" which includes the ANDROIDOS_DOWGIN.AXMD malware -- it even plays a version of the original Super Mario game while getting up to nefarious activities in the background.
TrendLabs has some simple advice for people:
Cybercriminals frequently take advantage of popular (or anticipated) titles to push their own malicious apps, as we see here. We strongly advise that users avoid third-party app stores to try and download apps, especially if they claim to be the "unofficial" or "unreleased" versions of legitimate apps. These apps are illegitimate in the first place, and the risks to end users are quite high. You can protect your device from inadvertent installations by third party stores or websites by disabling "Allow installation of app from unknown sources" from Android's security settings.
Activating an app as a device administrator is required to execute potentially malicious activities such as installing apps secretly, or hiding icons and processes from the user. Therefore, when an app asks you to activate themselves as a device administrator, it should be a red flag. Check whether it is appropriate for the app being installed.