Bethany Alvaro 
Uncovered by McAfee Labs, the malware-as-a-service (MaaS) campaign called WeedHack pretends to be a free Minecraft mod; however, once downloaded onto a computer, the malware can access and steal user data.
Through realistic-looking websites that replicate legitimate Minecraft mod downloads, malicious actors using the MaaS campaign can sneak into a victim’s computer.
“WeedHack underscores the persistent and evolving nature of cyber threats facing Australia, as well as the resourcefulness of cyber criminals,” Tyler McGee, head of APJ at McAfee, told Cyber Daily.
WeedHack is available to users for free, so long as they have internet access and a Discord account. A “premium” upgrade is available for as little as US$5 a month.
Concerningly, this upgraded MaaS feature allows malicious users to access live webcam, screen sharing, and command control of the computer and its files.
In its report, McAfee identified that one of the main reasons why WeedHack is being used is for cyber bullying.
The company uncovered that a large percentage of the MaaS users were teenagers and young people, with online threats, intimidation, and harassment being a common use of the features WeedHack deploys.
“This particular campaign, however, speaks to the widening access of malware-as-a-service (MaaS) and how it’s being used not only for financial gain but for harassment and intimidation of gamers by their own peers,” McGee said.
McGee warns that without proper online protection, Aussies are at risk of falling victim to this campaign, with vigilance being critical to safe online gaming.
“And while the most affected countries are the US, Germany, India and the UK, we’ve observed Minecraft players are being targeted worldwide, including in Australia, meaning Australian Minecraft players need to be aware of the threats to the game safely,” he said.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.