Latest news with #Minecraft
Hindustan Times
25 minutes ago
- Hindustan Times
Downloading Minecraft mods? You could be letting hackers into your system
Minecraft fans, if you love trying out new mods, here's something you need to hear. Hackers are now targeting players by hiding malware inside fake Minecraft mods, and it's not just about ruining your game. These fake mods are after your personal data, your logins, and even your crypto wallets. Sounds wild, right? This isn't just a rumour - Check Point Research, a well-known cybersecurity team, has dug into this campaign and shared their findings in a detailed report. What's really happening? Cybercriminals have set up a network called Stargazer's Ghost Network. Since March 2025, they've been focusing on Minecraft's huge modding community, especially those who look for mods and cheat tools on GitHub. Their method is simple but effective. They upload fake mods that look like popular cheat tools, hoping players will download them without thinking twice. Once you do, the real trouble starts. How the attack works These fake mods are written in Java and only work if you already have Minecraft installed. That means they're not just sending this malware out to everyone - they're targeting actual players. When you run one of these mods, it quietly checks if it's on a real computer or just a security lab's virtual machine. If it decides it's safe, it downloads more malware and starts digging through your files. What can be stolen? This malware is not picky. It can grab your browser passwords, your Discord and Steam logins, your cryptocurrency wallet details, and even Telegram info. It also takes screenshots and collects details about your computer. All this stolen data is sent out using Discord webhooks, which helps the hackers avoid being detected by regular security tools. The attack is smart enough to avoid virtual machines, so it's clear these hackers know what they're doing. How big is the problem? Check Point Research estimates that more than 1,500 Minecraft players have already been affected by this scam since it started. The hackers, who are believed to be from Russia based on clues in their files and their activity times, are using hundreds of GitHub accounts to spread these fake mods. With so many accounts and fake mods floating around, it's easy for even careful players to get caught if they're not paying close attention. How to keep yourself safe Only download mods from official sites or creators you trust. Avoid cheat tools and anything that promises shortcuts or unrealistic features. Keep your computer and antivirus software updated at all times. If a download feels suspicious, just skip it. It's not worth the risk. Minecraft is about creativity and having fun, but hackers are always looking for new ways to spoil the party. This campaign is a reminder that even in gaming, you need to be careful about what you download and where you get it from. Always double-check your sources, and don't let anyone mess with your game or your data. So next time you're searching for that cool new mod, remember this warning. First Published Date: 20 Jun, 17:49 IST
Economic Times
6 hours ago
- Economic Times
Minecraft players target of online criminals posing as coders, why it's a big concern and how can gamers stay safe
How does the malware gets triggered Live Events How can gamers stay safe online Use of strong passwords Regularly updating software and devices Monitoring the account activity Restricting the amount of personal info Avoid using public WIFI for gaming Backup your account information Download games from legitimate sources (You can now subscribe to our (You can now subscribe to our Economic Times WhatsApp channel The users of Minecraft are on the target of criminals posing as game coders online and tricking them into using malware designed to steal crucial data. This came to light after analysts traced two pieces of malware spread which seemed like Russian gangs on the code-sharing site GitHub, according to cybersecurity firm Check Point, ItGiving details about the malware, the researchers of Check Point said that the malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language, Sky News reported. The malware has been designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer about the malware spread, Graeme Stewart, head of public sector at Check Point, said that it was similar to the way "gangs operate to take down retail. They create this and then they float it out for people to use it, he them as "modern-day bank heist guys," Stewart said that they are involved in all this just for the money. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud," he allows users to modify the game as they play along. All players can do anything from fixing bugs to changing how the game looks. The hacking software is hidden inside the code of Minecraft modifications. They are pieces of code that permit users to change the things tend to take a wrong turn when users download the malicious code and place it into their Minecraft application. Unlike their expectations, the users don't get the ability to create "funny maps" or modify the game as promised. The next time when they load the game, the malware gets triggered and starts actively stealing data, according to getting active, the malware starts stealing names, addresses, emails, bank details from the card, he further stated. What makes this malware spread a cause of concern is the fact that of the 200 million people who play Minecraft every month, around 1 million modify the are several smooth ways through which all the gamers who actively participate in online gaming can enjoy their experience while staying safe from hackers and cyber attackers:
Time of India
7 hours ago
- Time of India
Minecraft players target of online criminals posing as coders, why it's a big concern and how can gamers stay safe
The users of Minecraft are on the target of criminals posing as game coders online and tricking them into using malware designed to steal crucial data. This came to light after analysts traced two pieces of malware spread which seemed like Russian gangs on the code-sharing site GitHub, according to cybersecurity firm Check Point, It Giving details about the malware, the researchers of Check Point said that the malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language, Sky News reported. The malware has been designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer applications. Speaking about the malware spread, Graeme Stewart, head of public sector at Check Point, said that it was similar to the way "gangs operate to take down retail. They create this and then they float it out for people to use it, he said. Describing them as "modern-day bank heist guys," Stewart said that they are involved in all this just for the money. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud," he added. How does the malware gets triggered Live Events Minecraft allows users to modify the game as they play along. All players can do anything from fixing bugs to changing how the game looks. The hacking software is hidden inside the code of Minecraft modifications. They are pieces of code that permit users to change the game. The things tend to take a wrong turn when users download the malicious code and place it into their Minecraft application. Unlike their expectations, the users don't get the ability to create "funny maps" or modify the game as promised. The next time when they load the game, the malware gets triggered and starts actively stealing data, according to Stewart. After getting active, the malware starts stealing names, addresses, emails, bank details from the card, he further stated. What makes this malware spread a cause of concern is the fact that of the 200 million people who play Minecraft every month, around 1 million modify the game. How can gamers stay safe online There are several smooth ways through which all the gamers who actively participate in online gaming can enjoy their experience while staying safe from hackers and cyber attackers: These methods include: Use of strong passwords Regularly updating software and devices Monitoring the account activity Restricting the amount of personal info Avoid using public WIFI for gaming Backup your account information Download games from legitimate sources
Sky News
9 hours ago
- Sky News
Minecraft users targeted by criminals posing as game coders
Minecraft users are being targeted by criminals posing as game coders online. Analysts tracked two pieces of malware spread by what appears to be Russian gangs on the code-sharing site GitHub, , according to cybersecurity firm Check Point. Its researchers said: "The malware is developed by a Russian-speaking threat actor and contains several artefacts written in the Russian language." Thousands of Minecraft users have already been tricked into using the malware, which is designed to steal from bank accounts, cryptocurrency wallets, browsers and other computer applications. Graeme Stewart, head of public sector at Check Point, said it was similar to the way "gangs operate to take down retail... they create this and then they flood it out to people and people then use it". He described them as "modern-day bank heist guys". "They're just in it for the money," he said. "They're scraping these details from Minecraft to get into people's crypto wallets, trying to steal bank details, trying to commit bank fraud." The hacking software is hidden within the code of Minecraft modifications, which are pieces of code that allow users to change the game. Minecraft allows users to modify the game as they play - players can do anything from fixing bugs to changing how the game looks. 2:27 But when players download the malicious code and place it into their Minecraft application, they don't get the ability to create "funny maps" or modify the game as promised. Instead, the next time they load Minecraft, the malware will trigger, and soon, "it will start actively stealing data", according to Mr Stewart. "Most people have got their cards saved onto their browser and things like that, it'll start stealing that, names, addresses, emails, bank details, anything. "If anyone's got a crypto wallet that they use through the browser, then it'll steal that as well." "It's like a digital verruca, it buries itself into the machine and then starts sucking the information out," said Mr Stewart. Of the 200 million people thought to play Minecraft every month, around one million modify the game, and a lot of the code they use to do that is posted on GitHub. According to Ofcom, around 1.7 million gamers play Minecraft in the UK. A Minecraft spokesperson told Sky News that player safety is a "top priority for us" and the company is "committed to investigating reported security violations". "When we receive reports of content that does not comply with our usage guidelines, we take action as appropriate," they said. "We encourage players to report any suspicious content through our official website and leverage our resources to make informed choices." Hackers are increasingly targeting gamers in this way, with the UK's National Cyber Security Centre warning families to stay alert to dangerous downloads like this. "There were some of us who thought it was only a matter of time before this particular vulnerability starts getting exposed en masse," said Dr Harjinder Lallie, a cyberattack academic at the University of Warwick. "That's where we're going now." Although children may fall prey to this kind of attack, the group Dr Lallie and his colleagues worry about more are "young adults who have admin [rights] on their own computer". "They're just a bit more savvy. They really want that mod; they want those extra features. And if it means [they] have to turn off the Microsoft Defender system for two minutes while [they] install it, then [they'll] turn it off, install that mod, and then turn it back on afterwards. By that time, the damage has been done," said Dr Lallie. The users mentioned in the report had already had their accounts disabled and GitHub told Sky News it is "committed to investigating reported security issues". "We disabled user accounts in accordance with GitHub's Acceptable Use Policies, which prohibit posting content that directly supports unlawful active attack or malware campaigns that are causing technical harms," said a spokesperson. The company also has teams dedicated to finding and removing malicious content as well as using AI and humans to monitor the site at scale, according to the spokesperson.
Scottish Sun
10 hours ago
- Scottish Sun
All 200 million Minecraft players risk having money stolen in seconds in ‘undetected' attack – avoid common game mistake
Read on to find out how to avoid exposing your data CRAFTY CON All 200 million Minecraft players risk having money stolen in seconds in 'undetected' attack – avoid common game mistake Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) MILLIONS of Minecraft players are at risk of having their sensitive information stolen in the recent "undetected" attack. All 200 million users could have their money stolen after a research has uncovered a "malicious" campaign. Sign up for Scottish Sun newsletter Sign up 1 Millions of Minecraft users risk having money stolen in a recent attack Credit: Alamy CheckPoint Research has revealed through their investigation that Minecraft users are being targeted through mods. The popular game allows players a creative freedom via mods, which are additions to a game made by fans. Minecraft players can download mods to enhance their gaming experience but they have to be careful. When you install a new mod, you could be inviting a virus onto your computer. According to CheckPoint Research, a large-scale malicious campaign has been targeting mods to infect people's devices. The malware has been spread through Minecraft modding system as well as GitHub. A network of Github accounts, dubbed Stargazers Ghost Network, has been impersonating popular cheats and scripts 'Oringo and Taunahi'. They provided mods which appeared legitimate as multiple accounts starred them. The first and second stages of the attack are developed in Java and can only be executed if the host computer has the Minecraft runtime. These files would then carry out a "multi-stage attack" to breach systems and steal victims' personal information. AT&T Hack Exposes FBI Communications: Espionage Fears Rise Since March 2025, Check Point Research has been attempting to monitor these "malicious GitHub repositories." The malware has gone undetected by all antivirus engines on VirusTotal as they are specifically targeted at Minecraft users. Their research listed all the information that may be stolen, including private conversations sent through Discord, cryptocurrency wallets, browser logins, and much more. Gamers have been warned to exercise caution when downloading third-party content. It comes after a colossal leak exposed as many as 16 billion logins for Apple, Facebook and Google users. It's one of the largest data breaches in history giving hackers "unprecedented access" to your personal info and online accounts, experts warn. Logins for Instagram, Microsoft, Netflix, PayPal, Roblox, Discord, Telegram, GitHub and various government services in more than 29 countries, including the UK and US, have also been affected.
