Malware News Sweet Minecraft Mods – The Dark Tale of SugarSMP Scam, Malware & Extortion

This is their reply:

Hello,

No malicious software was found on the website you have sent. The malicious code was probably removed from the server.
If you have a local copy of the suspicious file, please send it in an archive with the password 'infected' (without quotes).

Best regards, Danila, Malware Analyst

KOTIP does not know 495d1d500afc5ec700a0a15bf34862973e8e0152f9346b322a468cbe6e7c9d1e
 
The detected sample is also not on KOTIP.
Just Kaspersky things :cry:
 
Christmas tree detection, but Kaspersky misses :ROFLMAO:
When I run the malware with K installed, I get this message, which is more 😂
 
Tell them it is intermittently serving malware and send G DATA's blog link with the IoCs. Move it to the "not trusted" category.
Hello,

The specified URLs were added to our blocklist.
Thank you for your help.

Best regards, Danila, Malware Analyst
 
No, not a false positive:
Hello,

New malicious software was found in the attached file. Its detection will be included in the next update:
a10d308d0d3db17f8f87c5a9d0e7ed3791fb20b590b7a323476992107f54e0f6 - Trojan.Win32.Agent.xcdbml
Thank you for your help.

Best regards, Danila, Malware Analyst
 
For me, they are all blocked by Symantec Browser Protection, followed by Kaspersky, then Osprey, and shortly after that, the Norton Safe Web notification appears. I have already reported this to Google, Microsoft, Emsisoft, Netcraft, and McAfee because they failed to detect it. (y)

 
A mod that seemed harmless ended up being used as a vehicle for deception and extortion, showing how attackers exploit trust within gaming communities to manipulate users. Several reports in the thread confirm that active defenses (antivirus, DNS blocking) managed to stop the threat, highlighting the importance of keeping these measures in place. 🎮🛡️⚠️