A new malware campaign is specifically targeting Minecraft users with a Java-based attack chain facilitated by the Stargazers Ghost Network. This malicious distribution-as-a-service operation leverages thousands of GitHub accounts to create repositories that mimic cracked software and game mods. The malware, which impersonates tools like Oringo and Taunahi, remains undetectable by antivirus engines. The end goal is to trick users into downloading tainted mods that deliver a sophisticated .NET information stealer, capable of extensive data theft once executed while the user is playing Minecraft.
The campaigns used a multi-stage attack chain aimed specifically at Minecraft users, with the Stargazers Ghost Network delivering the malicious payloads.
The malware, developed in Java to evade detection, impersonated Oringo and Taunahi, which are 'Scripts and macros tools' (aka cheats).
The final payload is a .NET information stealer that achieves comprehensive data theft, showcasing the complex nature of the attack.
Malicious repositories masquerade as Minecraft mods, delivering a Java loader that evades all antivirus detection, illustrating the innovation in malware distribution.