Fans of Minecraft have been urged to exercise caution when installing add-ons and mods for their game after warnings from cybersecurity experts.
Researchers at Kaspersky have discovered a major rise in the volume of malware masquerading at Minecraft mods, particularly on the Google Play app store.
The malicious files won’t add to the Minecraft experience, but can make a victim’s smartphone or tablet unusable due to a deluge of annoying and intrusive adverts.
Minecraft malware
The add-ons identified by Kaspersky were said to be “were totally useless from a user perspective”, and after launching for the first time, simply hid their icons. The malicious apps repeatedly opened the device’s browser to display flash ads, as well as playing videos from YouTube and launching Google Play app pages, all of which could expose the victim to more threats.
The company notes that the Minecraft apps were “new, improved versions” of malware it had discovered in the past. This time around, the apps would open the browser every few moments, or display full screen ads, effectively making the device unusable.
Kaspersky says it has notified Google of its findings, with the malicious apps now removed from the store – but that’s no reason to let down your guard. Always make sure the apps and mods you download are from legitimate sources, and only use approved app stores for your downloads.
This is not the first time that Minecraft has been used as a lure by cybercriminals, with the game’s millions of fans acting as an appealing target for scammers and hackers.
In November 2020, security firm Avast flagged a number of malicious Minecraft-themed Android apps that were found to be charging unsuspecting users $30 a week after a free trial period expires.
The so-called “fleeceware” apps offered new skins, colorful wallpapers, or modifications for the game, but disproportionately charge users hundreds of dollars per month.