Kaspersky experts have found new malicious apps that exploit the Minecraft game to further a fraudster’s objectives. Minecraft is one of the popular video games for creating and breaking various kinds of blocks in three-dimensional worlds. And since it is a popular game, it is not surprising that it has attracted the attention of fraudsters.
Earlier, Kaspersky researchers discovered more than 20 malicious apps on the app stores offering additional Minecraft features and they were later removed from official stores. The cybersecurity firm has now found newly developed ones that are spreading adware or stealing social media credentials.
“Kaspersky researchers analyzed various apps, including those which are available for download on the Google Play store and claimed to be modpacks (user-created packages with additional gameplay elements) for the game. As a result, the company’s experts found various malicious apps spreading adware or stealing social media credentials,” the company said.
The researchers discovered several apps distributing adware, a software that bombards users with unwanted ads, disrupting the normal use of their devices. Kaspersky says “these apps do not even have to be open for advertisements to be shown at a fraudster’s command. Moreover, these apps can load additional modules that allow its icon to be hidden, as well as suddenly open a browser, app pages in Google Play and show YouTube videos, all of which interfere with the use of the smartphone.”
Kaspersky researchers also found two such modpacks with basic functionality. In this version, “the app also shows full-screen ads (including when the application is not running) but they cannot hide the icon and launch a browser, YouTube or Google Play,” Kaspersky said. For additional monetization, the developers are using the “in-app purchase” feature.
There are also several other applications, which steal social media accounts. As per the cybersecurity firm, in one of the cases, a fake ad network app and a fake client used for advertising on TikTok were available on Google Play. If a user entered their Facebook credentials, their account would then be stolen.