Earlier this month, I reported on threat actors using Minecraft as a gateway into tricking users. More accurately, the name of Minecraft is being used to push third-party apps that are less than honorable and using fleeceware on unsuspecting users. It seems the problem is even more extensive than first though.
In fact, security firm Kaspersky now says Minecraft being used by bad actors extends beyond simply monetary scams. Specifically, applications claiming to have modpacks for the game are really placing extremely intrusive ads on Android devices.
Naturally, the problem starts on Google Play, where the apps are uploaded. Kaspersky says Google has been actively removing adware applications associated with Minecraft. However, the company points out the following five remain on the store:
- Zone Modding Minecraft,
- Textures for Minecraft ACPE,
- Seeded for Minecraft ACPE,
- Mods for Minecraft ACPE,
- Darcy Minecraft Mod.
These five apps range from mostly unknown (500 installs) to very popular (over 1 million installs). They come from different publishers but the noted modpacks seems to be largely the same across some of the apps.
Each of the apps plays the classic trick of having bot reviews leaving 5-star reviews. You know the ones, those that say, “this app changed my life”. Although, mixed in with those fake 5-star reviews are a sea of 1-star comments, no doubt the true reflection on these applications.
Google has since removed all the apps mentioned by Kaspersky.
If you are a Minecraft fan, you are not alone if you downloaded one of these fake mudpack apps. If you have the app on your Android device, you will know it does not load any mod.
Users who do not remove the application will find it will remain on the device and will star displaying ads. Browser windows open and ads become increasingly obtrusive. For unsuspecting users, they will have no idea it is the Minecraft mudpack app causing the problem.