Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data

June 23, 2025, 7:03 p.m.

Description

A multistage malware campaign targeting Minecraft users has been discovered, distributed through the Stargazers Ghost Network on GitHub. The malware impersonates popular Minecraft mods and cheats, using a Java-based downloader that evades detection. The infection chain includes multiple stages: a Java loader, a Java stealer, and a .NET stealer. The malware steals gaming credentials, browser data, cryptocurrency wallets, and other sensitive information. The campaign, likely of Russian origin, exploits the popularity of Minecraft mods to spread malware, highlighting the risks in gaming communities. Over 1500 potential infections have been recorded based on Pastebin hits.

Date

  • Created: June 18, 2025, 4:36 p.m.
  • Published: June 18, 2025, 4:36 p.m.
  • Modified: June 23, 2025, 7:03 p.m.

Indicators
