Bitdefender warns gamers of Minecraft on a dangerous campaign by malware which targeted video game modpacks. “Fractureiser” spreads rapidly, steals user credentials and hacks into cryptocurrency wallets to hijack transactions.
The malware lurks within various Minecraft modifications (mods) and plugins, raising considerable concern among the gaming community and security experts. Video game enthusiasts must pay close attention to the sites CurseForge e Bukkit, warns Bitdefender, a company specializing in computer security. Several accounts on both sites were compromised and used to post malware updates of mods and plugins, without the original author’s knowledge. The infected files then became modpack popolari, downloaded million times until April when the first cases were detected.
What the “Fractureiser” malware does
The malware of this dangerous campaign is called “Fractureiser” and has the following characteristics:
- It spreads to all file JAR present on the system, spreading to initially uninfected mods and other Java programs.
- Enter the addresses of cryptocurrencies arbitrary in the clipboard.
- It takes possession of credentials of users and cookies via web browsers.
- Exfiltrate credentials for Discord, Microsoft e Minecraft.
- It affects systems Linux e Windows through Minecraft installations, attempting to compromise all eligible JAR files present on the system.
- Monitor the clipboard for addresses of cryptocurrency walletsand then exchange them for those of the cybercriminal and thus hijack the transactions.
How to protect yourself from Minecraft malware
Bitdefender identifies Minecraft malware code at all stages of execution as Trojan.Java.Fractureiser. To make sure you haven’t downloaded any of the mods infected in the last few months and that your JAR files are intact, you can run a deep scan with Bitdefender Total Security or other security solutions.