Minecraft players target of online criminals posing as coders, why it's a big concern and how can gamers stay safe

The users of Minecraft are on the target of criminals posing as game coders online and tricking them into using malware designed to steal crucial data. This came to light after analysts traced two pieces of malware spread which seemed like Russian gangs on the code-sharing site GitHub, according to
cybersecurity
firm Check Point, It
Giving details about the malware, the researchers of Check Point said that the malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language, Sky News reported. The malware has been designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer applications.
Speaking about the malware spread, Graeme Stewart, head of public sector at Check Point, said that it was similar to the way "gangs operate to take down retail. They create this and then they float it out for people to use it, he said.
Describing them as "modern-day bank heist guys," Stewart said that they are involved in all this just for the money. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud," he added.
How does the malware gets triggered
Live Events
Minecraft allows users to modify the game as they play along. All players can do anything from fixing bugs to changing how the game looks. The hacking software is hidden inside the code of Minecraft modifications. They are pieces of code that permit users to change the game.
The things tend to take a wrong turn when users download the malicious code and place it into their Minecraft application. Unlike their expectations, the users don't get the ability to create "funny maps" or modify the game as promised. The next time when they load the game, the malware gets triggered and starts actively stealing data, according to Stewart.
After getting active, the malware starts stealing names, addresses, emails, bank details from the card, he further stated. What makes this malware spread a cause of concern is the fact that of the 200 million people who play Minecraft every month, around 1 million modify the game.
How can gamers stay safe online
There are several smooth ways through which all the gamers who actively participate in online gaming can enjoy their experience while staying safe from hackers and cyber attackers:
These methods include:
Use of strong passwords
Regularly updating software and devices
Monitoring the account activity
Restricting the amount of personal info
Avoid using public WIFI for gaming
Backup your account information
Download games from legitimate sources

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Hindustan Times

12 hours ago

• Hindustan Times

Downloading Minecraft mods? You could be letting hackers into your system

Minecraft fans, if you love trying out new mods, here's something you need to hear. Hackers are now targeting players by hiding malware inside fake Minecraft mods, and it's not just about ruining your game. These fake mods are after your personal data, your logins, and even your crypto wallets. Sounds wild, right? This isn't just a rumour - Check Point Research, a well-known cybersecurity team, has dug into this campaign and shared their findings in a detailed report. What's really happening? Cybercriminals have set up a network called Stargazer's Ghost Network. Since March 2025, they've been focusing on Minecraft's huge modding community, especially those who look for mods and cheat tools on GitHub. Their method is simple but effective. They upload fake mods that look like popular cheat tools, hoping players will download them without thinking twice. Once you do, the real trouble starts. How the attack works These fake mods are written in Java and only work if you already have Minecraft installed. That means they're not just sending this malware out to everyone - they're targeting actual players. When you run one of these mods, it quietly checks if it's on a real computer or just a security lab's virtual machine. If it decides it's safe, it downloads more malware and starts digging through your files. What can be stolen? This malware is not picky. It can grab your browser passwords, your Discord and Steam logins, your cryptocurrency wallet details, and even Telegram info. It also takes screenshots and collects details about your computer. All this stolen data is sent out using Discord webhooks, which helps the hackers avoid being detected by regular security tools. The attack is smart enough to avoid virtual machines, so it's clear these hackers know what they're doing. How big is the problem? Check Point Research estimates that more than 1,500 Minecraft players have already been affected by this scam since it started. The hackers, who are believed to be from Russia based on clues in their files and their activity times, are using hundreds of GitHub accounts to spread these fake mods. With so many accounts and fake mods floating around, it's easy for even careful players to get caught if they're not paying close attention. How to keep yourself safe Only download mods from official sites or creators you trust. Avoid cheat tools and anything that promises shortcuts or unrealistic features. Keep your computer and antivirus software updated at all times. If a download feels suspicious, just skip it. It's not worth the risk. Minecraft is about creativity and having fun, but hackers are always looking for new ways to spoil the party. This campaign is a reminder that even in gaming, you need to be careful about what you download and where you get it from. Always double-check your sources, and don't let anyone mess with your game or your data. So next time you're searching for that cool new mod, remember this warning. First Published Date: 20 Jun, 17:49 IST

Business Standard

12 hours ago

• Business Standard

Meity on alert to find Indian data in global breach; asks Cert-In to probe

Taking cognizance of an alleged global data breach, the Union government is taking steps to identify the quantum of Indian data in it, it is learnt. In what is being considered one of the biggest breaches globally, user names, passwords, and other sensitive personal information of around 16 billion digital accounts were leaked recently. The Ministry of Electronics and Information Technology (Meity) has asked the Indian Computer Emergency Response Team (Cert-In) to seek an appropriate response from intermediaries, data centres, corporate bodies, and government organisations on the Indian data present in the global data leak and report back with details. 'Given the proportion of the global leak, it is very likely that the data of Indian citizens might be on the dataset,'' an official said. Cert-In is looking into it, he pointed out, adding that Indian firms too will have to look into it and report according to cyber incidents norms. Earlier this week, media reports suggested that data of nearly 16 billion accounts of Apple, Facebook, Google, GitHub, Telegram, and various government services were leaked. A Cybernews researcher team, led by Vilius Petkauskas, found, through an investigation beginning in January 2025, that the new records were scattered across 30 different databases and were most likely stolen by various infostealers. 'The datasets that the team uncovered differ widely. For example, the smallest, named after malicious software, had over 16 million records. Meanwhile, the largest one, most likely related to the Portuguese-speaking population, had over 3.5 billion records. On average, one dataset with exposed credentials had 550 million records,' Cybernews said in a report. Emails sent to Apple, Meta, Google and Microsoft did not yield any response on whether they had sent any instructions to users on the alleged breach, and if data of Indian users was also found in the said breach. 'While the exact nature of these leaks remains unclear as investigations unfold, the critical takeaway for users and enterprises alike is unequivocal: reactive password resets are no longer enough. Proactive adoption of strong multi-factor authentication (MFA), particularly biometric verification, is now essential. It creates a critical layer of security that stolen credentials alone cannot compromise,' said Vijender Yadav, co-founder and chief executive officer of cybersecurity firm Accops. In 2022, Meity had issued comprehensive guidelines on the timelines by which any cyber incidents would have to be reported to Cert-In, along with the details of the nature of the attack, the systems, the quantum of data compromised, and whether the users had been informed about the compromise of the datasets. As per the norms then issued, the ministry had also mandated that all companies should maintain a 180-day rolling log of all of their information technology and computer systems and keep that data within India. As and when demanded by Cert-In, this data would have to be furnished in cases of cyber incidents.

NDTV

14 hours ago

• NDTV

Russia Advancing Long-Term Economic Ties With India, Key Partners: Putin

Moscow: Russian President Vladimir Putin on Friday said Moscow's action plan for long-term cooperation till 2030 with India should be finalised shortly. Speaking at the St Petersburg International Economic Forum's plenary session, Putin announced that Moscow is advancing long-term economic cooperation plans with its key partners, including India. "Let me remind you that we agreed to prepare long-term cooperation plans with key partners," Putin said while emphasising that "action plans, including those with countries like India, should be completed shortly." "We have already set a goal to boost oil and gas exports. To achieve this, we will develop relations with partners, remove trade barriers, explore new market niches, build infrastructure, and deepen investment cooperation," he said. The St Petersburg International Economic Forum (SPIEF) 2025 often dubbed as 'Russian Davos' this year has the theme "Shared Values: The Foundation of Growth in a Multipolar World." Putin denied that China and Russia are forming a new multipolar world order. "A new world order is emerging naturally, like the rising sun. There's no way to halt it, our role is to formalise this process and facilitate it, ensuring it develops in a more balanced way that aligns with the interests of the vast majority of nations," Putin said. India at the SPIEF was represented by the Union Minister for Railways, Information and Broadcasting, and Electronics and IT, Ashwini Vaishnaw. Mr Vaishnaw, who is also the minister for Information and Broadcasting, delivered keynote addresses at two significant sessions. Speaking at a session 'The Future of Artificial Intelligence', he highlighted India's advancements in AI and its vision for ethical and inclusive technological growth. While addressing the India-Russia Business Forum, he emphasised the deepening economic ties between the two countries and exploring new avenues for collaboration. Mr Vaishnaw had several meetings with Russian Federal Ministers, leading industrialists, technology leaders, and investors. These discussions focused on enhancing India-Russia cooperation in critical sectors including Logistics & Transportation, Infrastructure Development, Railway Modernisation, Information Technology & Artificial Intelligence. These engagements underscored "India's commitment to fostering strategic partnerships with Russia, particularly in technology-driven and infrastructure domains, aligning with the vision of Atmanirbhar Bharat (Self-Reliant India) and global digital transformation," a press release from the Embassy of India in Moscow said. His visit marks a significant step in reinforcing the longstanding India-Russia relationship, paving the way for mutual growth and innovation, it added.