Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Malware has a terrible new way to get to your computer

You’ve heard of malware spreading through spammy emails and mysterious links on strange websites. But now there’s a new avenue of attack for bad actors to take — and it’s via Minecraft. Yes, you read it correctly. The open-world building game loved by seven-year-olds around the globe is quickly becoming a favorite method for spreading malware.

As reported by Bleeping Computer, Kaspersky Labs researched the phenomena from July 2021 until July 2022, and it found that in-game malware accounted for a significant amount of the malware that was spread in that time. Although there was a 30% drop in malware attacks in that year when compared to 2020, the amount of gaming-related malware actually increased. Minecraft on PC was the preferred vector.

Related Videos
A villager looks at a sunset.

In-game economies have grown in popularity as a way for developers to make money, with everything from new skins to enhanced weapons and tools available. Minecraft has an entire ecosystem of user-made goodies and mods available for download, and there are many off-platform sites where users can find free stuff to use in-game. Many kids cannot resist the lure of free skins and loot boxes for download, and this is where the malware hides.

Before we all dump our beloved Minecraft and jump over to Roblox, be warned that many other games are also platforms used to spread malware, according to Kaspersky. FIFA was the second-most used game after Minecraft, with 11% of in-game malware. Roblox, Far Cry, and the Call of Duty franchise also had significant amounts of malware attached to off-platform mods and downloads.

Computer games weren’t the only targets for malware. Mobile games had threats too. Grand Theft Auto, PUBG Mobile, and Roblox were all compromised, but once again, Minecraft led the pack with 40% of the mobile gaming malware threats. Minecraft remains a favorite for threat actors precisely because it is one of the most popular games out there.

Most of the malware Kaspersky found were downloaders, accounting for nearly 89% of all the malware. Adware, Trojans, and exploits made up a smaller share. Most of the downloaders were info-stealers and cryptocurrency miners.

You can avoid these pitfalls by only downloading mods and skins from trusted in-game stores. Downloads from off-platform websites and forums can introduce nasty malware to your device, which you may not realize is there until it’s too late. Also, if any developer tells you to turn off antivirus protection to make their mod work, run fast.

More importantly, keep a good eye on your child when they’re playing Minecraft or Roblox. You just never know when a cool new world with a real fire-breathing T-Rex is going to tempt them into downloading something onto your computer.

Editors' Recommendations

This new malware is targeting Facebook accounts – make sure yours is safe
Facebook logo appears with a hooded figure over a cracked blue background.

In the ongoing barrage of cyberattacks, Facebook users are being targeted by a new version of the Ducktail malware that originally surfaced in July. The first implementation was specifically aimed at Facebook Business accounts, but it has recently become a more widespread danger.

The latest version of Ducktail collects any and all Facebook data available on an infected computer. If it happens to be a business account, payment methods could be discovered, putting your money at risk. Furthermore, Facebook Business data might include billing information and cycles, which could be used to help disguise unauthorized purchases.

Read more
New COVID-19 phishing emails may steal your business secrets
Woman Checking Her Email

Google Forms are being used as a way to obtain the sensitive information of business owners through COVID-19 phishing emails, according to a new report.

As reported by Bleeping Computer, phishing messages based on COVID-19 have started to become increasingly popular in recent weeks.

Read more
New phishing method looks just like the real thing, but it steals your passwords
A MacBook with Google Chrome loaded.

Thanks to a new phishing method, hackers could steal all sorts of personal information by simply mimicking real login forms in Application Mode. This is a feature that's available in all Chromium-based browsers, which includes Google Chrome, Microsoft Edge, and Brave.

Using Application Mode allows threat actors to spread highly believable-looking local login forms that look like desktop applications. In reality, all inputs are sent to a malicious attacker.

Read more