Minecraft, a sandbox video game, remains one of the most popular games in the world with 74 million players around the globe, so it is not surprising that cyber criminals have developed malware and uploaded it to the game’s official website. To be more specific, researchers from Avast have identified the malicious Powershell script in downloadable skins created in the PNG file format – they are used to change the appearance of the game character. This shows that the author of malware is not a professional hacker. Security specialists say that the malicious script could be blocked by an up-to-date security application, which once again shows the importance of having security software enabled on the system. Of course, there is a risk that users would not allow the security application to delete those skins assuming that they must be safe since they were downloaded from the official website, which makes this malware even more dangerous.
It has been reported that nearly 50, 000 Minecraft players could have been exposed to malicious software by downloading skins containing the malicious code from the Minecraft’s website. These Minecraft skins can be uploaded to the official website from third-party online sources by anyone, which explains how this malicious application has ended up on the website and managed to affect so many players. If you wonder whether you are one of them, try to remember whether you have downloaded any skins similar to those provided below recently:
If you are sure you have downloaded similar skins, you should run an up-to-date antimalware scanner or check your Task Manager – the malicious software creates the process named tourstart.exe that might considerably slow down the computer. Also, you might start receiving strange and insulting messages in your account’s inbox. Several examples are provided below:
“You Are Nailed, Buy A New Computer This Is A Piece Of Sh*t”
“You have maxed your internet usage for a lifetime”
“Your a** got glued”
Last but not least, you might be presented with error messages related to your hard drive formatting.
Since we have already talked about the distribution mechanism of malware targeting Minecraft users and you already know how to find out about its entrance, let’s analyze what it is capable of. Researchers say that this infection has, most probably, been designed to perform only two malicious activities. First, reformat hard drives and, second, delete system programs and backups. As can be seen, even though it uses the simple Powershell script, it might still cause many problems to Minecraft players who download the malicious skin.
Mojang, the company that has created Minecraft, has already taken action to make sure no more players are affected by harmful malicious software. The report released on the 18th of April, 2018 has explained that PNG files users could upload included “things other than an image, such as metadata, which includes information on what tool created it, when it was made, who made it, etc., which “mean that PNG files could be created containing code in this inert part of the skin file.” This is going to change to avoid future problems linked to malicious software: “To further protect our players, however, we deployed an update that strips out all the information from uploaded skin files other than the actual image data itself.”
If you suspect that it is already too late for prevention in your case, perform an in-depth scan with a powerful antimalware scanner. It will detect and remove all malicious files from your computer in no time. If it turns out that you have encountered the Minecraft malware and some files have been deleted by it from your machine, you will need to restore your data too, specialists say. Finally, in some cases, users might also need to reinstall the Minecraft application.
- Free images. Pixabay
- Minecraft Staff. Minecraft: Java Edition Skins Issue Update. Minecraft official website
- Popa, B. Malware That Can Format Hard Drives Infects 50, 000 Minecraft Accounts. Softopedia News
- Shah, S. Minecraft players warned over terrifying hack that could wipe your computer. The Sun