Super Mario Bros. Movie downloads are infecting pirates with malware

Mario driving a go-kart in the Super Mario Bros. Movie
(Image credit: Nintendo/Illumination)

Hackers are once again targeting users that illegally download films and infecting their devices with malware.

This time around, they’ve embedded malware into illegal downloads of The Super Mario Bros. Movie, according to a new blog post from the cybersecurity firm ReasonLabs. As reported by Axios, the hackers began targeting Illumination’s latest film on April 30 after it was leaked on Twitter in its entirety and then quickly taken down.

Like similar campaigns, this one begins with free, illegal copies of The Super Mario Bros. Movie. While users think they’ve managed to download the film for free without any consequences, a trojan arrives on their computer alongside the movie.

ReasonLabs says that the malware used in this new campaign has actually been used more than 150,000 times in the past to steal data and other sensitive information from pirates. While it often arrives alongside pirated films, the malware has also been distributed with pirated software as well.

Hijacking browser sessions

and image of the Google Chrome logo on a laptop

(Image credit: Shutterstock)

Once downloaded onto a user’s system, the malware installs a malicious extension that’s used to hijack the user's browser. It does this by giving itself sensitive browser permissions, allowing it to take over a browser’s default search bar.

Although it may appear like nothing has changed from an end user’s perspective, the malicious extension can collect all sorts of sensitive information including what you search for along with any passwords entered in your browser.

When malicious extensions accidentally end up on the Chrome Web Store, they’re quickly taken down by Google. However, in this case, the malicious extension is actually a local extension, which means the search giant has no control over it. Instead, it’s up to you to remove it from your computer.

You can do this by clicking on the three dots menu in Chrome, heading to More tools and clicking on Extensions. This will show you a list of all the extensions that are installed on your browser — you can remove any you don’t remember installing yourself.

How to stay safe from malware hiding in downloaded files

Best antivirus software

(Image credit: Shutterstock)

The first thing you should do to prevent your computer or smartphone from being infected with malware is to avoid downloading films and software illegally. Besides hurting the companies behind these products, doing so puts you and your data at risk.

Malware can also hide in legitimate-looking files, which is why you should be using the best antivirus software with your Windows PC, the best Mac antivirus with your Mac and one of the best Android antivirus apps with your Android smartphone. Antivirus software scans all of the files you download for malware and warns you when one of them could put your security at risk.

As for how to watch The Super Mario Bros. Movie legally, it will actually be available to stream tomorrow (May 16) on Amazon for $29. While this might seem a bit expensive at first, it sure beats having to deal with identity theft and all of the other problems that can occur after a nasty malware infection.

More from Tom's Guide

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
A magnifying glass on top of the Steam logo in a web browser
Valve recommends a full PC reset after malware-infected game discovered on Steam
A hacker typing quickly on a keyboard
Thousands of WordPress sites hijacked to spread Windows and Mac malware - how to stay safe
A hacker typing quickly on a keyboard
Hackers are posing as Apple and Google to infect Macs with malware — don’t fall for these fake browser updates
and image of the Google Chrome logo on a laptop
Popular Chrome extensions hijacked by hackers in widespread cyberattack — 3.2 million at risk
Reddit logo and Reddit logo on phone
Hackers have created hundreds of fake Reddit sites to spread info-stealing malware
Latest in Malware & Adware
Green skull on smartphone screen.
This Android banking trojan steals passwords to take over your accounts — and all it takes is a single text message
PayPal logo on iPhone
Watch out! Scammers are using this PayPal setting to take over your PC
A laptop displaying the Chrome logo
Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
and image of the Google Chrome logo on a laptop
Google Docs under attack from info-stealing malware — how to keep your data and your emails safe
MacBook Pro 2021 (16-inch) on a patio table
Millions of Mac owners urged to be on alert for info-stealing malware
One phone with skull and crossbones on screen among several other clean-looking phones.
Malicious iPhone apps are spreading screenshot-reading malware on the Apple App Store — how to stay safe
Latest in News
Charlie Cox as Matt Murdock / Daredevil in "Daredevil: Born Again"
I just watched ‘Daredevil: Born Again’ and it has one serious problem
AI Mode of google search
Google launches 'AI Mode' for search — here's how to try it now
Press
Hulu top 10 shows — here's the 3 worth watching right now
Emily Blunt in Sicario
'Sicario’ just hit Netflix’s top 10 movies — stream this crime thriller rated 92% on Rotten Tomatoes
Helix ErgoAlign mattress topper on top of black mattress on wooden bedframe in bedroom with plant, gold bedside lamps and grey rug
Helix launch two new mattress toppers for advanced cooling and back pain relief
Google Pixel 9 Pro XL review.
Google Pixel 10 just tipped for a new AI assistant called Pixel Sense
  • GumdropUnicorn
    This isn't new or particularly smart. They're taking advantage of people who still hide extensions and don't have the sense to check before blindly clicking. In 2023, if you fall for this, then you deserve what you get.
    Reply