Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux

silversurfer

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,176
Content source
https://www.bleepingcomputer.com/news/security/microsoft-warns-of-new-minecraft-ddos-malware-infecting-windows-linux/
A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers.

The botnet was discovered by Microsoft's Threat Intelligence team, who report that once it infects a device, it can self-spread to other systems on the network by brute-forcing SSH credentials.

"Our analysis of the DDoS botnet revealed functionalities specifically designed to target private Minecraft Java servers using crafted packets, most likely as a service sold on forums or darknet sites," explains the new report by Microsoft.

Currently, most of the devices infected by MCCrash are located in Russia, but there are also victims in Mexico, Italy, India, Kazakhstan, and Singapore.
Click to expand...
www.bleepingcomputer.com

Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux

A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers.
www.bleepingcomputer.com www.bleepingcomputer.com

www.microsoft.com

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers | Microsoft Security Blog

The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.
www.microsoft.com www.microsoft.com
 
  • Like
Reactions: R3j3ct, vtqhtr413, SeriousHoax and 5 others
Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,593
silversurfer said:
www.bleepingcomputer.com

Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux

A new cross-platform malware botnet named 'MCCrash' is infecting Windows, Linux, and IoT devices to conduct distributed denial of service attacks on Minecraft servers.
www.bleepingcomputer.com www.bleepingcomputer.com

www.microsoft.com

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers | Microsoft Security Blog

The Microsoft Defender for IoT research team analyzed a cross-platform botnet that infects both Windows and Linux systems from PCs to IoT devices, to launch distributed denial of service (DDoS) attacks against private Minecraft servers.
www.microsoft.com www.microsoft.com
Click to expand...
From the BleepingComputer article:
Starts with pirated software

Microsoft says that devices are initially infected with MCCrash after users install fake Windows product activator tools and trojanized Microsoft Office license activators (KMS tools).

The cracking tools contain malicious PowerShell code that downloads a file named 'svchosts.exe,' which launches 'malicious.py,' the primary botnet payload.

MCCrash then attempts to spread to other devices on the network by performing brute-force SSH attacks on IoT and Linux devices.
Click to expand...
 
  • Like
Reactions: R3j3ct, harlan4096, SeriousHoax and 1 other person
vtqhtr413

vtqhtr413

Level 26
Verified
Top Poster
Well-known
Aug 17, 2017
1,491
Hackers were seen, once again, using Minecraft to distribute infostealers among the gaming community, capable of hijacking cryptocurrency transactions, stealing Discord authentication tokens, as well as cookies and login data saved in browsers.

According to cybersecurity researchers at Bitdefender, unknown hackers managed to compromise several developer accounts on CurseForge and Bukkit. These are modding communities where Minecraft fans meet to build and share various mods and plugins for the popular sandbox game.

The mods and plugins found on those accounts were then infected with the abovementioned infostealing malware. Given that they were subsequently added to different modpacks, their downloads are being counted in the millions, the researchers are saying.
Click to expand...
www.techradar.com

Hackers are attacking Minecraft to push malware once again

Modders are being targeted with infostealers
www.techradar.com www.techradar.com
 
  • Like
Reactions: R3j3ct
You must log in or register to reply here.

Similar threads

Orchid
    • Like
New Mirai malware variant infects Linux devices to build DDoS botnet
Replies
5
Views
591
News Archive
MuzzMelbourne
MuzzMelbourne
MuzzMelbourne
    • Like
    • +Reputation
New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
Replies
0
Views
834
News Archive
MuzzMelbourne
MuzzMelbourne
vtqhtr413
    • Like
    • +Reputation
Security News TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service
Replies
4
Views
951
Security News
Jonny Quest
Jonny Quest

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top