The malicious software is apparently distributed via “Minecraft” character skins created in the PNG file format and uploaded to the game’s official website by fans. Skins modify a player’s avatar and they’re quite popular. Avast estimates nearly 50,000 “Minecraft” accounts have been infected.
“The malicious code is largely unimpressive and can be found on sites that provide step-by-step instructions on how to create viruses with Notepad,” Avast said. “While it is fair to assume that those responsible are not professional cybercriminals, the bigger concern is why the infected skins could be legitimately uploaded to the ‘Minecraft’ website. With the malware hosted on the official ‘Minecraft’ domain, any detection triggered could be misinterpreted by users as a false positive.”
“Minecraft” is one of the biggest games in the world. It’s sold more than 144 million copies since its launch in 2009. Microsoft bought both the game and its developer, Mojang, for an estimated $2.5 billion in 2014. In a recent interview with PopSugar, Helen Chiang, the new head of “Minecraft” at Microsoft, said the sandbox game now has 74 million active players worldwide. This makes it a ripe target for hackers, but Avast said only a small percentage of the player base actively uploads modified skins, which has kept infection numbers low.
Avast said anyone who downloaded modified skins should run an antivirus scan. Some might need to reinstall the game or, in extreme cases, restore data on their hard drives. Infected users might also receive unusual messages in their inboxes with subjects like “You Are Nailed, Buy A New Computer This Is A Piece Of Sh*t,” “You have maxed your internet usage for a lifetime,” or “Your a** got glued.”
Avast said it contacted Mojang and they are working on fixing the vulnerability.