A new multi-stage malware campaign targets Minecraft players by disguising malicious Java loaders as mods and cheats, utilizing the Stargazers Ghost Network and GitHub repositories. The malware ultimately steals sensitive data like credentials, tokens, and system information through a second-stage stealer, posing a significant threat to gaming communities and personal data security. #StargazersGhostNetwork #MinecraftMalware
Keypoints
- The malware campaign employs Java-based loaders disguised as Minecraft mods to infect players.
- The attack utilizes the Stargazers Ghost Network, which leverages GitHub to distribute tainted repositories.
- The malware downloads a second-stage .NET stealer capable of exfiltrating credentials, tokens, and system data.
- The campaign is believed to be operated by a Russian-speaking threat actor and has affected over 1,500 devices.
- Additional malware, like variants of KimJongRAT, demonstrates ongoing threats involving data theft and espionage techniques.
Read More: https://thehackernews.com/2025/06/1500-minecraft-players-infected-by-java.html