Security researchers have discovered a new strain of malware targeting Minecraft players over the PC that could potentially reformat hard-drives and delete critical data such as system programs and backup data. Nearly 50000 players of the immensely popular world-building game have been infected with the malware over the last 30 days, according to researchers from Avast's Threat Labs.
Researchers said the malicious Powershell script used a code similar to the one used to create Minecraft skins - a popular feature among Minecraft players that allow them to change the look of their Avatar. Although most players stick to the default skin provided by the Minecraft domain, the population of overall Minecraft players worldwide is constantly increasing, thus expanding the potential reach of the malware itself. Avast researchers have identified that the script used to create the same .png "skin" files were not likely made by professional hackers, despite the fact that these skins were found on the official Minecraft domain.
According to Avast, users that do download and install these malicious skins may get error messages related to hard-disk data formatting or any of the following crude messages:
"You Are Nailed, Buy A New Computer This is a Piece of Sh*t"
"You have maxed your internet usage for a lifetime"
"Your a** got glued"
Researchers further noted that the infection could lead to the slow down of the PC using simple tourstart.exe loop command.
Users are advised to scan PC with a free or paid antivirus program updated recently to eliminate the threat. If the overall game setup has been affected by the malware, users can download it again from the Microsoft store and reinstall it. However, if the PC has been completely infected and files compromised, a hard reset maybe required.
Minecraft owner Mojang has already confirmed that an update has been rolled out to resolve the skins issue.
Avast has also published the images of the malicious malware skins and a list of safer skins from the Minecraft domain. Some of the skins may resemble the below image. Users who have downloaded the same or similar skins a complete scan of PC is recommended.
Image Credit: Avast
The extremely popular world-building game has 74 million players from around the world as of January 2018 with a year-on-year growth average of nearly 20 million, and is particularly popular among kids.
Researchers believe it could likely be a trolling attempt by an inexperienced hacker.
"Although Minecraft is played by individuals across a broad demographic spectrum, the largest demographic is 15-21 year olds, which accounts for 43% of the user base," Avast researchers noted. "The bad actors may have looked to capitalize on a more vulnerable group of unsuspecting users that play a game trusted by parents and guardians. Pentesting is another possibility, but it’s more likely that the vulnerability was exposed for amusement - a more common mindset adopted by script kiddies."
Still, the fact that these malicious skins were found available on the official Minecraft domain does raise serious questions over its screening and security practices.