With minecraft being one of the most popular games in the world and being one of the most modified games in the world – it is not uncommon for hackers to try to use mods to xbox and Mojang Studios‘Sandbox survival game as an attack vector. However, at the moment there is a especially A dangerous malware that is circulating out there and that anyone who mods Minecraft (or knows someone who does) should know about.
I am referring to “WeedHack”, a malicious software. discovered by McAfee researchers which has been distributed to attackers via a Malware as a Service (MaaS) campaign. It has been active since January and unlike most hacking tools which typically cost hundreds of dollars, WeedHack is extremely cheap, making it exceptionally dangerous.
There is a free tier available that anyone can sign up for, with Premium plans starting at $5 a month, giving bad faith actors access to a more advanced version of the software that has more severe capabilities.
Attackers use WeedHack by hiding it inside Minecraft mod files, effectively using them as a kind of Trojan horse. Links to download these files are then shared on fake and convincing mod hosting sites, in the description of fake mod review videos on YouTube, or in the comment sections.
Once downloaded, WeedHack silently uses the Ethereum blockchain to connect to a secret network, then disables Windows Defender protections and integrates into your system before stealing everything from Minecraft session IDs and system information about your computer to Steam passwords. Discordand your browser and crypto wallet credentials.
Surprisingly, WeedHack’s Premium tier is also capable of giving a hacker live access to your computer’s webcam, the power to force screen sharing with mouse and keyboard control, command line control over your PC, and the ability to upload or download files to your system.
McAfee says that while investigating WeedHack by spying on its now-deleted Telegram server, he discovered that many of its users are teenagers and young adults, no doubt able to make use of the software due to its extremely low barrier to entry. Reportedly, while the malware could used for financial theft, it has largely been used as a tool for cyberbullying and harassment.
Researchers say they witnessed attackers sharing videos recorded from victims’ webcams as trophies and claiming they used stolen IP addresses and passwords to threaten those they had infected with WeedHack.
As of this writing, more than 116,000 users have been affected in some way by the WeedHack attacks, and the malware campaign reportedly “averages 2,000 to 3,000 new hits each day.”
So what can you do to protect yourself? Above all, you should never download a Minecraft mod (or a mod for any game, in fact, from a source that the community does not trust. For Minecraft, that means sticking to cursed forge either modrinth; for other games, you just have to download from Nexus Mods either ModDB. I can’t emphasize this enough.
You may also want to consider security software like McAfee, as it may succeed in thwarting WeedHack intrusion attempts where Windows Defender fails. McAfee says that its Web Protection will prevent you from visiting sites where files can be downloaded in the first place, and that its antivirus will successfully prevent malware from working if it manages to do so.
It’s tragic that such harmful malware is proliferating on the web right now, and it’s a sobering reminder of how important it is to be very careful about where you download files from. Be smart, friends.
Join us on Reddit at r/WindowsCentral to share your ideas and discuss our latest news, reviews and more.
