GoKawiilA large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January.
The malware is distributed through Minecraft-related malicious mods, clients, cheats, and utilities that are promoted over YouTube and SEO (search engine optimization) poisoning.
WeedHack works as a malware-as-a-service (MaaS) infostealer operation that offers a dashboard for customers to see stolen credentials and information on compromised systems.
Telemetry data from cybersecurity company McAfee shows that WeedHack has impacted 116,464 systems, averaging between 2,000 and 3,000 infections every day. Most victims are in the United States, Germany, India, and the UK.
The scale of the operation is reflected in the more than 240 distribution URLs and 3,820 unique malicious JAR files.
WeedHack malware distribution
In a report today, McAfee researchers say that the WeedHack campaign reaches victims mainly through YouTube videos showcasing Minecraft-related tools and SEO poisoning promoting them.
On the video platform, the attacker drops download links in descriptions and comments. Some of the videos are well-made, featuring voice-over narration for authenticity, and have accumulated more than 7,500 views.
YouTube video promoting malicious Minecraft mods
Source: McAfee
... continue reading