Super Mario, Reddit API Hack

This seems like a critical issue, it’s about Mario Brothers!

Trojanized Super Mario game used to install Windows malware

Are you on a gaming forum and someone has a link for Super Mario 3: Mario Forever? Watch out!

It’s another Monero mining attack. In addition to the proper Mario Brothers game, two executables are installed: atom.exe and java.exe. If these don’t sound bad, they are. They set up a Monero mining system on your computer.

It doesn’t stop there, it gets worse:

That final file is Umbral Stealer, an open-source C# information stealer available on GitHub since April 2023, which steals data from the infected Windows device.

This stolen data includes information stored in web browsers, like stored passwords and cookies containing session tokens, cryptocurrency wallets, and credentials and authentication tokens for Discord, Minecraft, Roblox, and Telegram.

Yikes. I’m not much of a gamer, I bet that reduces my attack surface by quite a bit!

Another story on the same site, Bleeping Computer, is also interesting. I’ve been doing these posts three semesters now, and I didn’t realize they had a weekly roundup of Crypto hijackings.

The Week in Ransomware – June 23rd 2023 – The Reddit Files

If you’re not aware, there’s a whole controversy about Reddit raising their API pricing. There was a two-day blackout by the Reddit moderator community a couple weeks ago.

Apparently a hacker was able to get 80Gb of data out of Reddit and asked Reddit to pay $4.5 million to keep the data secret. In a message, the hacker says the data shows all the statistics Reddit tracks about users, and exposes their practice of censoring posts.

The hacker is saying they don’t expect Reddit to pay up so the data is likely to be released.

OK that’s it, have a good week and enjoy the RSA Crypto project!


Today’s featured image: “Super Mario Tattoo” by The Pug Father is licensed under CC BY 2.0.

