Fake 'Minecraft' Mods Bring Malware to as Many as 116,000 Players

A widespread malware campaign duped players into thinking the malicious files were 'Minecraft' mods.

The "Minecraft" community is now facing a grave threat from a massive malware campaign that disguised itself as mods, which many unsuspecting users downloaded and installed on their devices.

WeedHack was designed to exploit the "Minecraft" modding community, with the game still being one of the most popular platforms for game mods and tweaks.

The malware was spread by a teenager across "Minecraft" Discord servers and other communities of the game, using social engineering and other tactics to push the illegitimate files to players.

Fake 'Minecraft' Mods Disguise Malware

According to a report by Digital Trends, a massive malware-as-a-service operation that targeted "Minecraft" players has been discovered. Here, the threat actor reportedly created fake mods, cheats, and clients that were dubbed "WeedHack."

As of writing, it has already affected over 100,000 players in the game, and the operation currently offers other bad actors and cybercriminals the opportunity to use this pre-made malware platform for as low as $5 per month.

The operation spreads through channels players already trust. The malware is distributed through "Minecraft"-related malicious mods, clients, cheats, and utilities that are promoted through YouTube and search engine optimization poisoning, a technique that pushes fake results to the top of search pages to trick users into clicking them.

What makes WeedHack especially dangerous is how it disguises itself, with the malware operating by distributing malicious Java Archive files masquerading as mods, clients, and cheats. Researchers identified thousands of unique files and URLs already spread across the internet.

Once a device is infected, WeedHack steals credentials such as "Minecraft" session IDs, browser cookies, and saved passwords, along with other sensitive information such as cryptocurrency wallet data. It also steals credentials for apps such as Discord, Steam, and Telegram, and its premium tier adds remote control capabilities, including webcam spying, keylogging, and file management access.

Over 116,000 Players Infected with Malware

As per McAfee, WeedHack has been logged on more than 116,000 devices globally, and what makes it more threatening is how cheap it is for aspiring threat actors to use against the people they target. The malware continues to plague the "Minecraft" community as of writing, with as many as 2,000 users getting infected daily.

Data from the cybersecurity research shows that most victims are located in the United States, Germany, India, the United Kingdom, and Italy.

The low cost of entry has also widened the pool of attackers, with the researchers discovering that most users were teenagers who are using the WeedHack platform to bully and/or harass their peers online.
