Scammers have now begun taking advantage of the Minecraft sandbox video clip game’s wild accomplishment by building Google Play applications.
These applications surface to be Minecraft modpacks, but in its place supply abusive ads, as per researchers.
Because Minecraft was designed in Java, it was easy for third-party developers to create compatible applications or these “modpacks” to enhance and customize the gaming experience for players.
The reason why the game is so popular is basically the fact it builds certain skills within the players which have also been touted by parents and educators as beneficial (especially for kids).
Since July, Kaspersky researchers have found more than 20 of these apps and determined that they have been downloaded on more than a million Android devices.
Among those 15,000 Minecraft mods lurk at least 20 that Kaspersky researchers were able to identify as malicious. Google Play has removed all but five of the malicious titles, Kaspersky said: Zone Modding Minecraft, Textures for Minecraft ACPE, Seeded for Minecraft ACPE, Mods for Minecraft ACPE and Darcy Minecraft Mod are still up and available.
As per Kaspersky, once the modpack malware is installed on the Android device, it only allows itself to be opened once, and once opened, the app is glitchy and useless — exactly how it’s intended to work.
“The frustrated user closes the app, which promptly vanishes. More precisely, its icon disappears from the smartphone’s menu. Because the ‘modpack’ seemed glitchy from the start, most users, especially kids and teens, won’t waste time looking for it,” a report reads by researchers.
“The sample we examined automatically opened a browser window with ads every two minutes, greatly interfering with normal smartphone use. In addition to the browser, the apps can open Google Play and Facebook or play YouTube videos, depending on the [command-and-control] server’s orders. Whatever the case, the constant stream of full-screen ads makes the phone practically unusable,” the report continued.
Researchers said reinstalling the browser or messing with the settings would be the next likely troubleshoot, but that won’t get rid of the malware either.
First, the user needs to identify the malicious app. The device will display a full list of apps under settings, (Settings → Apps and notifications → Show all apps). Delete the app from this list and the malware should be gone.
“Fortunately, the misbehaving modpacks get removed entirely with deletion and do not try to restore themselves.”
However, researchers suggest that in order to avoid malicious apps for the parents and kids they should know where to look. For instance, they pointed out that although two of the malicious modpacks have different publishers, the descriptions are identical, “down to the typos.”
The app ratings also offer a clue something is fishy. Kaspersky pointed out that the average rating was in the three-star neighborhood, but that’s because there were extreme reviews on either end of the spectrum, one-star or five-stars.
Users complain that the app doesn't work and just deletes itself |
“That kind of spread suggests that bots are leaving rave reviews, but real users are very unhappy,” the report added. “Unfortunately, in this case, the cybercriminals are targeting kids and teenagers, who may not pay attention to ratings and reviews before installing an app.”