Minecraft is one of the most popular sports in the world. Therefore, that makes Minecraft players a target for hackers.
In a new cybersecurity report, researchers at McAfee Labs describe the malware that just logged over 116,000 hits. When the report was published on June 2, McAfee Labs found that the campaign was getting between 2,000 and 3,000 malicious hits every day.
Called WeedHack, the malware is offered as malware-as-a-service (MaaS). Rather than being shared on the dark web, McAfee reports that WeedHack is readily available on the open web. This means that bad actors don’t need real technical knowledge to release malware. For as little as $5 per month, would-be hackers can gain access to WeedHack, infect their favorite malware, and run various tools on that victim.
McAfee Labs also unveiled a Telegram channel for WeedHack customers made up of over 850 members. Within the Telegram channel, McAfee found that many of the attackers appear to be teenagers and young adults who use malware-as-a-service to attack other young people. WeedHack clients have discussed using remote access capabilities to intimidate, harass, and spy on their victims.
WeedHack is distributed through YouTube and Google, the report said
The report finds that WeedHack is widely distributed in YouTube videos that promote Minecraft mods, clients, and other third-party add-ons that improve the game. In fact, Minecraft mods and clients are WeedHack malware in disguise.
McAfee’s report includes a screenshot of the YouTube comments section of a video promoting the malware. It shows the viewer notifying the video creator that their computer has been warned about malware when downloading the file from the video description. The bad actor then convinces the user that the file is not malware.
In addition, bad actors are reportedly using SEO poison tactics to rank fake websites and pages that appear to be real Minecraft clients. McAfee Labs listed the following legitimate clients as WeedHack targets:
Mashable Light Speed
-
The Meteor Client
-
Radium client
-
Wurst Client
-
Aristotle
-
LiquidBounce
-
Impact Client
-
The Client of the Future
-
The Inertia client
-
Cornos Client
-
WWE client
-
3 au4ck
-
Salhack
-
Phobos
-
Gamesense
Some of these Minecraft mods and clients do not have official websites and are simply hosted on file-sharing websites, making it easy for hackers to manipulate search results with fake websites, the report said.
According to McAfee, players can protect themselves when downloading mods and Minecraft clients by looking for red flags and using antivirus tools. If you’re a young person who’s being approached by bad actors who want to hack your system – especially if they’re trying to trick you – talk to an adult you trust. You can also visit the Online Crime Complaint Center for more information.
What happens if the target is infected with WeedHack malware?
That depends on how much the attacker paid for the malware, which has different subscription tiers.
WeedHack also offers a free version, which promises to give attackers an infostealer that can identify Minecraft session IDs, collect system information, search files, take screenshots of the target’s system, and steal cookies and passwords from 36 different web browsers. The free version also says the attacker can target 56 browser-based crypto wallets, 12 desktop crypto wallets, and the credentials of platforms like Discord, Steam, and Telegram.
A parent’s guide to keeping kids safe on Roblox
An attacker can also sign up for a $5 per month premium tier for additional remote access capabilities, including “web camera access, keylogging, reverse shell launch, screen sharing with keyboard and mouse access, and file management features for uploading and downloading files,” according to McAfee.
A hacker can view all stolen information through an enterprise-grade dashboard.
As McAfee reports, most malware-as-a-service tools cost around hundreds of dollars per month, making them inaccessible to many malicious actors. However, WeedHack’s pricing makes it easily accessible to anyone who wants to use these dangerous tools.
McAfee’s report on WeedHack serves as a warning, showing that not only is malware becoming more powerful, but it’s also becoming more accessible, too.
