Many Minecraft Mods on GitHub Contain Hidden Spyware, Warn Experts

Imagine, for a moment, that you are a malware developer tasked with selecting target groups for your harmful software. Instead of a random approach—which tends to be less effective—you might focus on vulnerable demographics, such as older adults who may lack technical savvy or children engrossed in video games.

Currently, the latter seems to be the target of a new wave of spyware cleverly concealed within mods for the ever-popular game, Minecraft, which is riding a surge in popularity thanks to a blockbuster animated film aimed at kids. The spyware, dubbed the “Stargazers Ghost” network, is reportedly a for-hire operation based in a Russian-speaking region.

It seeks to harvest login credentials for Minecraft accounts and various third-party launchers, as well as information from social media and text messaging apps. The malicious software consists of a second-stage component designed to gather sensitive personal information stored in browser caches and other applications, with a particular focus on stealing usernames, passwords, and even cryptocurrency.

The malware has been disseminated across more than 500 repositories on GitHub, making it particularly deceptive. By embedding the spyware in seemingly benign Minecraft Java installers, the malware can evade many antivirus defenses.

Hosting these files on GitHub, which, like Minecraft, is owned by Microsoft, adds another layer of deceit. While GitHub primarily serves as a platform for collaborative software development, it now often hosts end-user software downloads.

This technical environment may appear more trustworthy to an uncritical observer, including a child. Although GitHub actively monitors its repositories for threats, the sheer volume of malware and sophisticated attacks can overwhelm a centralized security team.

To keep yourself and your children safe while exploring Minecraft mods, it’s crucial to thoroughly examine GitHub pages before downloading. Using a “burner” account for testing is another wise precaution.

Alternatively, consider restricting children’s access to only the official mods available in the game’s Bedrock Edition.
