Super Mario Bros. Movie downloads are infecting pirates with malware

Mario driving a go-kart in the Super Mario Bros. Movie
(Image credit: Nintendo/Illumination)

Hackers are once again targeting users that illegally download films and infecting their devices with malware.

This time around, they’ve embedded malware into illegal downloads of The Super Mario Bros. Movie, according to a new blog post from the cybersecurity firm ReasonLabs. As reported by Axios, the hackers began targeting Illumination’s latest film on April 30 after it was leaked on Twitter in its entirety and then quickly taken down.

Like similar campaigns, this one begins with free, illegal copies of The Super Mario Bros. Movie. While users think they’ve managed to download the film for free without any consequences, a trojan arrives on their computer alongside the movie.

ReasonLabs says that the malware used in this new campaign has actually been used more than 150,000 times in the past to steal data and other sensitive information from pirates. While it often arrives alongside pirated films, the malware has also been distributed with pirated software as well.

Hijacking browser sessions

and image of the Google Chrome logo on a laptop

(Image credit: Shutterstock)

Once downloaded onto a user’s system, the malware installs a malicious extension that’s used to hijack the user's browser. It does this by giving itself sensitive browser permissions, allowing it to take over a browser’s default search bar.

Although it may appear like nothing has changed from an end user’s perspective, the malicious extension can collect all sorts of sensitive information including what you search for along with any passwords entered in your browser.

When malicious extensions accidentally end up on the Chrome Web Store, they’re quickly taken down by Google. However, in this case, the malicious extension is actually a local extension, which means the search giant has no control over it. Instead, it’s up to you to remove it from your computer.

You can do this by clicking on the three dots menu in Chrome, heading to More tools and clicking on Extensions. This will show you a list of all the extensions that are installed on your browser — you can remove any you don’t remember installing yourself.

How to stay safe from malware hiding in downloaded files

Best antivirus software

(Image credit: Shutterstock)

The first thing you should do to prevent your computer or smartphone from being infected with malware is to avoid downloading films and software illegally. Besides hurting the companies behind these products, doing so puts you and your data at risk.

Malware can also hide in legitimate-looking files, which is why you should be using the best antivirus software with your Windows PC, the best Mac antivirus with your Mac and one of the best Android antivirus apps with your Android smartphone. Antivirus software scans all of the files you download for malware and warns you when one of them could put your security at risk.

As for how to watch The Super Mario Bros. Movie legally, it will actually be available to stream tomorrow (May 16) on Amazon for $29. While this might seem a bit expensive at first, it sure beats having to deal with identity theft and all of the other problems that can occur after a nasty malware infection.

More from Tom's Guide

TOPICS
Anthony Spadafora
Managing Editor Security and Home Office

Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

  • GumdropUnicorn
    This isn't new or particularly smart. They're taking advantage of people who still hide extensions and don't have the sense to check before blindly clicking. In 2023, if you fall for this, then you deserve what you get.
    Reply