Researchers uncovered Weedhack, a Minecraft-themed malware-as-a-service campaign spread through YouTube and SEO poisoning that uses malicious JAR files, EtherHiding, and a multi-stage infection chain to steal data and enable remote control of victims’ systems. McAfee Labs also reported related campaigns including CountLoader infections and a pirated-content operation delivering SilentCryptoMiner, with #Weedhack #McAfeeLabs #CountLoader #SilentCryptoMiner
Keypoints
- Weedhack targets Minecraft players with malicious clients and mods shared through YouTube.
- The campaign uses SEO poisoning, malicious URLs, and EtherHiding to deliver its payloads.
- Weedhack provides stolen credentials, system data, and remote access through a dashboard.
- CountLoader has infected about 86,000 machines and can deploy a crypto clipper.
- Pirated streaming sites are being used to spread SilentCryptoMiner via fake updates and DLL side-loading.
Read More: https://thehackernews.com/2026/06/weedhack-attacks-minecraft-users.html