Key facts
- A malware-as-a-service called WeedHack is targeting Minecraft players.
- WeedHack is available for as low as $5 per month.
- The malware has logged over 116,000 malicious hits.
- Attackers use WeedHack for cyberbullying, spying, and stealing information.
- WeedHack spreads through YouTube and SEO poisoning tactics.
- The malware can steal credentials, cryptocurrency wallet information, and grant remote access.
Minecraft players are being targeted by a new malware-as-a-service (MaaS) called WeedHack, which is readily available on the open web for as little as $5 per month. Researchers from McAfee Labs reported that the campaign has already logged over 116,000 malicious hits, with 2,000 to 3,000 new hits occurring daily. The malware is spread primarily through YouTube videos promoting Minecraft mods and clients, as well as through SEO poisoning tactics that rank fake websites. WeedHack offers various subscription tiers, including a free version that can steal session IDs, system information, screenshots, cookies, and credentials from 36 browsers and 56 browser-based crypto wallets. The premium tier, costing $5 per month, provides additional remote access capabilities such as webcam access, keylogging, reverse shell execution, and file management. McAfee Labs observed a Telegram channel for WeedHack customers with over 850 members, many of whom appeared to be teenagers and young adults using the service for cyberbullying, harassment, and spying on victims. The report highlights the increasing accessibility and power of malware, making it a significant threat to young gamers.