If you thought you were being slick by downloading illegal uploads of The Super Mario Bros Movie online (and perhaps uploading them in parts to Twitter), there’s a chance your computer has a mystery item box of its own in the form of a malicious virus—womp womp.
According to a recent report from cybersecurity company ReasonLabs, hackers infected bootleg copies of The Super Mario Bros. Movie with a Trojan virus that—instead of downloading a ripped copy of Nintendo and Illumination’s box-office record-breaking movie—installs a browser extension that steals users’ private information. According to Axios, the sensitive information the Mario malware looks for is user passwords and financial information saved specifically to Google Chrome’s browser.
“The malicious extension is hijacking the users’ web search functions by giving itself numerous sensitive browser permissions,” ReasonLabs wrote in its report. “Because it’s a local extension, it can’t be removed from the Google Chrome Web store. Moreover, it’s not supervised or inspected by the Google Chrome Web store team and therefore is not bound by security restrictions.”
Read More: Sheesh, The Full Super Mario Bros. Movie Keeps Popping Up On Twitter
The risk of malware infecting illegal copies of movies comes with the territory of willingly choosing to download them, and ReasonLabs thinks the malware Mario movie has the potential to affect over a million people’s computers. Outside of reports from its own users, ReasonLabs said “there are seemingly millions of affected users around the world” since April 30.
Of course, this technological hardship could have been avoided if said pirates, I don’t know, waited a week for The Super Mario Bros. Movie to come out on digital but sometimes pain is an excellent teacher.