Hackers are once again targeting users that illegally download films and infecting their devices with malware.
This time around, they’ve embedded malware into illegal downloads of The Super Mario Bros. Movie, according to a new blog post from the cybersecurity firm ReasonLabs. As reported by Axios, the hackers began targeting Illumination’s latest film on April 30 after it was leaked on Twitter in its entirety and then quickly taken down.
Like similar campaigns, this one begins with free, illegal copies of The Super Mario Bros. Movie. While users think they’ve managed to download the film for free without any consequences, a trojan arrives on their computer alongside the movie.
ReasonLabs says that the malware used in this new campaign has actually been used more than 150,000 times in the past to steal data and other sensitive information from pirates. While it often arrives alongside pirated films, the malware has also been distributed with pirated software as well.
Hijacking browser sessions
Once downloaded onto a user’s system, the malware installs a malicious extension that’s used to hijack the user's browser. It does this by giving itself sensitive browser permissions, allowing it to take over a browser’s default search bar.
Although it may appear like nothing has changed from an end user’s perspective, the malicious extension can collect all sorts of sensitive information including what you search for along with any passwords entered in your browser.
When malicious extensions accidentally end up on the Chrome Web Store, they’re quickly taken down by Google. However, in this case, the malicious extension is actually a local extension, which means the search giant has no control over it. Instead, it’s up to you to remove it from your computer.
You can do this by clicking on the three dots menu in Chrome, heading to More tools and clicking on Extensions. This will show you a list of all the extensions that are installed on your browser — you can remove any you don’t remember installing yourself.
How to stay safe from malware hiding in downloaded files
The first thing you should do to prevent your computer or smartphone from being infected with malware is to avoid downloading films and software illegally. Besides hurting the companies behind these products, doing so puts you and your data at risk.
Malware can also hide in legitimate-looking files, which is why you should be using the best antivirus software with your Windows PC, the best Mac antivirus with your Mac and one of the best Android antivirus apps with your Android smartphone. Antivirus software scans all of the files you download for malware and warns you when one of them could put your security at risk.
As for how to watch The Super Mario Bros. Movie legally, it will actually be available to stream tomorrow (May 16) on Amazon for $29. While this might seem a bit expensive at first, it sure beats having to deal with identity theft and all of the other problems that can occur after a nasty malware infection.
More from Tom's Guide
