Creativity and personalization are an essential part of the Minecraft universe. However, what many players consider a way to improve their game experience has become a dangerous entrance door for cybercriminals.
Check Point Research researchers have revealed a sophisticated malware campaign specifically designed for Steal private information of Minecraft users who download mods and unofficial tools.
This threat, which began to circulate recently, Distribute through githuba popular platform between developers. There, attackers publish resources with names similar to legitimate mods, disguising malware as if they were simple improvements for the video game.
The infection begins as soon as the player runs Minecraft with any of these false modsespecially those who appear to be compatible with Minecraft Forgeone of the modification platforms most used by the community.
The malicious file acts intelligently: first runs a Device Security Analysis. If it detects a security tool or an anomaly that could give it away, it self -destructs, avoiding being discovered. But if you do not find barriers, start the second phase of the attack: Download an additional file from the Internet.
This file, called Mixinloader-V2.4.jarit is the heart of the malicious system. Collect key information such as Username and player ID, Access tokensthe External IP address of the device and other useful data to identify the user. Then, install an even more aggressive component: a “Data Stealer” or data thief.
The third stage of the attack is the most dangerous. The data thief seeks Personal files, Navigators credentials, cryptocurrency wallets, VPN data, clipboard content, screenshots and any other type of confidential information that can be exploited or sold.
Once compiled, all content is compressed and automatically sent to servers controlled by cybercriminals. This makes the user a total victim, without noticing until it is too late.
This attack shows how active and confident communitieslike Minecraft’s, they can be easy target of new malicious campaigns. In these spaces, where the exchange of resources is usual, it is enough that a mod looks attractive and functional so that thousands of players download it without verifying their authenticity.
From Check Point they warn that this modality not only affects casual players, but also content creators and streamers who install multiple tools to optimize their experience. Given the level of information they handle, they can become high value objectives For criminals.
To reduce the risk of being a victim of this campaign, experts recommend a series of simple but effective measures:
- Download mods only from official sources or verified platformssuch as Cursforge or the official Minecraft site.
- Avoid shared links in non -moderate forums or social networks that redirect suspicious repositories.
- Maintain the operating system and updated gamesto avoid known vulnerabilities.
- Have a cybersecurity solution reliable that detect malicious files before they are executed.
- Make regular backupsto avoid irreversible losses in case of infection.
