Skip to main content

Minecraft players are under attack - but it might not actually be all bad

Minecraft
(Image credit: Microsoft/Mojang)

A new variant of the Chaos ransomware is attacking Minecraft players looking to get their hands on alternate accounts to cheat or circumvent bans.

Microsoft owned-Minecraft is one of the most popular games in recent times, though its popularity has also resulted in an influx of cheaters to the platform.

While Minecraft routinely catches and bans cheaters, many rely on alternative or "alt" accounts, to continue their nefarious activities. 

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

Recently, cybersecurity researchers from Fortinet Labs discovered a variant of the Chaos ransomware hidden in a file that pretended to contain a list of such Minecraft alt accounts.

Cheating cheaters

In a post detailing the activity, Fortinet researchers Shunichi Imano and Fred Gutierrez argue that the ransomware appears to target Minecraft players in Japan.

Analyzing the variant, the researchers note that the ransomware searches for and encrypts all files smaller than 2MB. However, bigger files of certain file types are overwritten with random data, rendering them unrecoverable even after the payment of the ransom.

Furthermore, although the malware doesn’t exfiltrate the encrypted data, it does delete shadow copies from the compromised machines, further complicating recovery. The attackers demand cryptocurrency worth 2,000 Yen or about $17.5.

“Despite its cheap ransom demand, its ability to destroy data and render it unrecoverable makes it more than a mere prank to annoy Japanese Minecraft gamers….The best advice is for players to stay off suspicious gaming cheat sites and simply enjoy the game the way it was meant to be played,” conclude the researchers.

Use one of the best endpoint protection tools to add another layer of defense against such file-borne cyberattacks

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.