Android-device owners who love Mario games and can't wait to play Super Mario Run need to learn some patience. The game has been released only on iOS, yet tons of phony copycats containing malware are flooding third-party Android app stores.
Some of these apps, including one titled "Super Mario," can take full control over your phone, as they request privileges to edit, read, receive and send text messages, as well as take photos and video and even track your precise location using GPS.
We're learning about this danger from a blog posting yesterday (Dec. 19) by the Tokyo-based Trend Micro antivirus firm, which reports detecting malicious Mario apps 90,000 times this year. The aforementioned "Super Mario" title, for example, first prompts users to install an update, which turns out to be something called 9Apps, which asks for more rights, including recording audio, reading modifying the calendar and complete SD-card access.
MORE: Best Android Games
The phony Super Mario app displays an emulated version of the original NES Super Mario Bros. game, but Trend Micro said it also shows lots of "unnecessary icons, displays pop-up and banner ads, installs other apps, and performs other intrusive activities without any input from the user."
Things may get worse if you click on any of the ads in these apps. The device will navigate to "either adult sites or malicious sites" looking to get you to install various other apps, which include more unwanted malware that begs for administrator-level access to your phone.
Trend Micro reports that fraudulent Mario Android apps aren't new, with the first fakes appearing at least as early as 2012. But the current hype over the official Super Mario Run game for iOS (and Android sometime next year) has increased the output rate of malicious Marios.
What Can You Do?
As always, we suggest users stay away from third-party app stores as if they were Goombas. Limit your downloads to official retailers such as the Google Play store (and the Amazon store if you have a Fire device). Go into Settings, tap Security and make sure "Unknown sources" is turned off.
We didn't see any malicious-looking Mario apps in the Google Play store, but we did see a lot of guides for understanding the game. Remember, if an app isn't supposed to be available for your device, don't think you can game the system and find it on your own.