Watch Out: Spyware Is Hiding in Minecraft Mods on GitHub
If you thought Minecraft mods were just harmless fun, think again. A sneaky new spyware campaign is targeting players by hiding malicious code inside popular mods, and it’s spreading on GitHub—the official home for tons of open-source projects. Check Point Research (via Bleeping Computer) calls this operation Stargazers Ghost, and it’s a well-organized, multistage attack likely run by a Russian-speaking group.
What’s at stake? Your Minecraft login details, plus passwords for other game launchers, social media accounts, and chat apps. If the malware manages to get a foothold, it goes hunting for browser data and even cryptocurrency wallets. The attackers are banking on the popularity of Minecraft, especially with a recent blockbuster movie pushing more kids into the game—and kids are often less wary of dodgy downloads.
The malware has infected over 500 GitHub repositories by sneaking into Java installers for Minecraft mods, avoiding many antivirus programs. Since GitHub is usually a trustworthy place for developers, it can fool even cautious users—especially younger ones.
To stay safe, Bleeping Computer advises checking out GitHub pages carefully, trying mods on disposable “burner” accounts, or better yet, sticking to official mods available on Minecraft’s Bedrock Edition. It might not be as exciting, but it’ll keep you—and your kids—safe.