Minecraft cheaters tried to steal accounts and instead downloaded ransomware
According to cybersecurity agencies, Minecraft cheaters in Japan are suffering from some instant karma Fortinet. Wannabe hackers are becoming the target of data-damaging ransomware that disguised as a list of stolen Minecraft accounts.
Such a list is theoretically attractive to players who want to be anonymous to prevent the main account from being blocked, most obviously to avoid cheating, grief, and other bad behaviors. Although it is not clear how many Japanese Minecraft players fall into the ransomware trap, Fortinet has detailed the effect of this attack.
According to Fortinet, ransomware will temporarily damage files smaller than 2 MB until the victim pays 2,000 yen (approximately $17) to rescue them. But this did not give the victim a chance to save everything. When they open an executable file, any files larger than 2 MB with various extension types (listed on the Fortinet website) are filled with random bytes, destroying them permanently. It deletes any Windows backup copies of the files, so you cannot simply restore them. It also posted a ransom note on the user’s wallpaper. The only thing it doesn’t do is get any of your data. How considerate.
The attackers demanded the use of prepaid cards for online shopping, games, music, mobile phones and streaming services as payment. The best part is that, according to Fortinet, the ransom note says that the attacker is “available only on Saturdays and apologizes for any inconvenience caused.” Even if the victim pays the fee, only files smaller than 2 MB can be recovered.
Ransomware is Chaos Ransomware Has been touring since June. It was discovered that other variants of Chaos ransomware infect all hard drives of the system and completely disable Windows recovery mode.
As always, whether you want to cheat on Minecraft or otherwise, downloading and running executable files from rough sources is a bad idea. (But don’t try to cheat on Minecraft.)