Super Mario Run is projected to launch in the Google Play Store in the coming weeks , after previously going live on iOS on December 15 , and cybercriminals are trying to benefit from the excitement generated by Nintendo ’ s new title using a new wave of malware . Security company zscaler warns that malware disguised as Attack.Phishing Super Mario Run for Android is now spreading across the Internet , with users encouraged to download APKs that eventually infect devices and attempt to steal financial information . Specifically , the malicious Super Mario Run for Android package is infected with the Android Marcher Trojan , which now comes disguised as Attack.Phishing Nintendo ’ s game , but features a similar behavior to what we ’ ve seen in the past . Once it infects an Android device , it opens an overlay that requires Attack.Phishing users to enter their financial details whenever mobile banking apps are launched , and collected data is then saved and submitted Attack.Databreach to a command and control center owned by the attacker . In most of the cases , the Google Play Store can no longer launch as users are provided with the same overlay asking for financial details . “ In previous variants of Marcher , we observed this malware family targeting well-known Australian , UK , and French banks . The current version is targeting account management apps as well as well-known banks , ” zscaler says .