Attention, players of Minecraft: A new one malware campaignspecially designed for steal data private, began to attack users who download Mods and unofficial tools for the video game.
Researchers from Check Point Research They discovered that the threat that It spreads through githuba platform widely used by developers, where the attackers publish assumptions resources for him game With similar names or similar to the legitimate.
Also read: They created artificial intelligence within Minecraft that plays alone and collects diamonds
That way, they look for deceive gamers who believe they download simple improvements For your game experience, when in reality They install a complex malware able to capture from credentials of Minecraft even cryptocurrency wallets, VPN information and personal archives.
With more than 200 million monthly active users, Minecraft is in an attractive target for cybercriminals. (Image: Minecraft)
How does this dangerous malware in Minecraft work?
The infection Start when the player executes Minecraft With one of these false mods. Malware, camouflaged for Minecraft Forgemakes a device safety analysis. If it detects something suspicious, it self -destructs. But, it connects to the Internet to download the following component, A “data thief”.
This file, called Mixinloader-V2.4.jarcollect username and player’s ID, Capture tokens of Minecraftand extract the IP address external From the team and download the last program, the most dangerous.
This component is Designed to steal credentials and sensitive computer files from the victim, such as browse credentials, personal files, cryptocurrency walletsVPN data, clipboard content and screenshots. Everything is compressed and sent online to cybercriminals.
Also read: Minecraft and The Sims are among the most used video games to spread malware to gamers
How to protect yourself from this attack?
This case illustrates how the custom of Download mods and resources from unofficial sources can become a channel Ideal for distributing malware. In communities as active as that of Minecraftan attractive mod may be the entrance door to a massive theft of data.
To avoid This type of attack, the specialists of Check Point Research They recommend:
- Discard mods only from official or verified sources.
- Maintain your operating system, games and navigators updated, to avoid known vulnerabilities.
- Have a cybersecurity solution.
