Fake software emulators for the Nintendo Switch, Nintendo’s just-released console, is making the rounds, duping gaming enthusiasts into downloading unwanted applications and leaving the door open for ransomware and other malware.
According to Symantec, a search for “Nintendo Switch emulator” on YouTube yields a variety of malicious results which collectively have racked up tens of thousands of views.
“The content of the videos varies significantly,” the firm said in a blog. “Some videos contain a step-by-step process showing how to visit a website, download a file and play Nintendo’s The Legend of Zelda: Breath of the Wild on a PC. Other videos feature a person talking about ‘free tools’ but never explicitly referring to the Switch emulator, indicating that these videos were designed to be generic so they could be repurposed for other trending search terms.”
The videos direct users to sites that feature some Nintendo branding, including screenshots of Breath of the Wild. If a user tries to download one of these fake emulators, they will be directed to a website that claims they need to fill out a survey to receive an unlock code or to unlock the download itself—and some offer the user a chance to get a free Nintendo Switch or other prizes.
One of the YouTube videos resulted in software downloads for both Mac and PC installers for a potentially unwanted application called PUA.OneSystemCare. The payload could easily be adjusted to result in malware, of course.
“Whether it’s survey scams or potentially unwanted applications, the YouTube videos and websites are likely driven by affiliate programs,” Symantec researchers said. “The affiliate would be responsible for delivering a user to the website to fill out a survey, complete an offer or download a file. For each successful conversion (a completed survey, offer, or download) the affiliate would collect a commission from the advertising network. In this case, it is unclear how much each affiliate is making for each conversion.”
Switch enthusiasts and everyone else should be wary of websites that ask them to fill out a survey to unlock content, and Symantec noted that doing some additional research before downloading and installing any application on one’s computer is a solid best practice.