This 'malware' impersonates Minecraft

This ‘malware’ impersonates Minecraft

Recognized as the best-selling video game of all time, Minecraft not only captures the attention of gamers around the world, it also piques the interest of cybercriminals.

A few months ago, Kaspersky researchers discovered more than 20 applications available on Google Play that offered additional Minecraft functions.

Despite the fact that these fraudulent applications were withdrawn from official stores, Kaspersky experts have found others that have just been developed, and whose objective is to exploit the video game for the benefit of cybercriminals.

Kaspersky’s research team has analyzed various applications, including those that are available on the Google Play Store and that are presented as modpacks for Minecraft (packages created by the players themselves with additional functions).

Thus, the company’s experts have found several malicious apps that spread adware and they even steal social media credentials.

First, researchers have discovered various applications that distribute adware, a software that bombards users with unwanted ads, disrupting well the normal use of your devices.

These applications do not even have to be open for the ads to be displayed at the command of the cybercriminal. In addition, these apps can load additional modules that allow their icon to be hidden, as well as suddenly open a browser, application pages on Google Play and show YouTube videos, all interfering with the operation of the device.

Also, Kaspersky researchers have found two of these modpacks with basic functionalities. In this version, the application also shows full screen ads (even when the application is not running), but they cannot hide the icon and open the browser, YouTube or Google Play. For additional monetization, developers use the “in-app purchase” feature.

There are also other applications that steal social media accounts. In some cases, a fake advertising app and a fake client used for the advertising on TikTok were available on Google Play. Thus, if a user entered their Facebook credentials, their account was stolen.

“Unfortunately, removing these applications from official stores does not always mean defeating the malware as we have observed that developers upload new modified versions, with different developer names and accounts, to the store. Therefore, we strongly recommend installing a trusted security solution that prevents downloading of dangerous programs. It is important to act in this first stage to avoid possible threats and to be able to enjoy the video game,” says Igor Golovin, security expert at Kaspersky.

To stay safe from these types of applications, Kaspersky experts recommend the following:

  • Do not download mods of suspicious pages or pirated programs. Cybercriminals are aware of people’s desire for free, and they take advantage of it through malware hidden in a number of functionalities.
  • Install an antivirus on your phone, such as Kaspersky Internet Security for Android.
  • Do not disconnect the antivirus while you play. The game mode of Kaspersky Security Cloud prevents the antivirus from consuming excessive system resources during the game. This way, it doesn’t affect performance or frame rate, but it still takes care of security.
  • Reinstalling the browser or playing with the settings will not get rid of the malware, the user has to identify the malicious application. The device will display a complete list of applications in the settings, (Settings → Applications and notifications → Show all applications). Remove the application from this list and the malware.
  • Buy games responsibly. Please check the reliability of the application and distribution account before downloading a game.

Rachel Maga
Rachel Maga is a technology journalist currently working at Globe Live Media agency. She has been in the Technology Journalism field for over 5 years now. Her life's biggest milestone is the inside tour of Tesla Industries, which was gifted to her by the legend Elon Musk himself.