More than 1500 Minecraft players seem to have mistakenly downloaded a mod that was filled to the brim with malicious Java code. PC users should be wary when downloading anything online, especially if they are using Windows, as exploiting vulnerabilities in the Microsoft operating system is easier than ever now. It is clear that this campaign specifically targets Java Edition users; Bedrock players are safe, since they don’t really have the ability to download mods without some external tooling. The infection is especially worrying because it ends with a .NET payload that steals all your data. We at Infinite Start will cover the damage it has caused.
1500 Minecraft Players have suffered
Not only is this a crypto wallet stealer, but it also takes all your passwords and important credentials. The attack chain ran through GitHub, with more than 500 repositories working in tandem to distribute a .jar file that appeared to be a mod but was in reality a stealer, one of the most dangerous kinds of malware and one that often goes undetected. The biggest threat is that the fake files blend in by using real mod names, so if you are downloading something from GitHub, make sure it’s the real repository instead of a fake one.
We live in times when cyber warfare happens in the most unlikely of situations, and seemingly innocent things can spiral out of control if you don’t take precautions. Always make sure to enable 2FA on any important account, and consider one of the many password managers, such as KeePass. There are plenty of tutorials online on staying safe and improving your privacy; the more private you are, the fewer issues you will run into on the web. Convenience might be reduced, but that’s the price of trying to stay safe, and things in the security and privacy space are getting better too.