Weedhack malware campaign infects 116,000 mod-hungry Minecraft players systems… is attracting attention across the tech world. Analysts, enthusiasts, and industry observers are watching closely to see how this story develops.
This update adds another signal to a fast-moving sector where product decisions, platform changes, and competition can quickly shape the market.
When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
Cybercriminals are using YouTube to disseminate malware that targets Minecraft users and takes full control over their computers.
In January this year, security researchers McAfee Labs spotted a new malicious campaign dubbed Weedhack. In the campaign, the malicious actors created countless YouTube channels and standalone websites, through which they promoted links to Minecraft clients and mods.
With the help of Weedhack (apparently an enterprise-grade dashboard that also allows crooks to inject the malware into legitimate Minecraft mods), they created poisoned mods and clients which delivered a .JAR file called DonutDupe.jar.
This is a Java ARchive package format used in the Java ecoplatform to bundle multiple files into a single archive. This file starts a chain reaction that results in Windows Defender being disabled, platform information collected, and two additional payloads dropped, which establish persistence and enable remote access.
McAfee said the campaign accumulated a total of 116,464 hits, averaging approximately 2000 to 3,000 hits per day. Most of them are located in the US, with other notable mentions including Germany, India, the UK, Italy, Vietnam, Canada, Norway, Sweden, Finland, and Spain.
McAfee describes Weedhack as a ‘Minecraft-focused Malware-as-a-service’ (MaaS). The custom payloads target versions 1.21.0 to 1.21.11 of the game, while the dashboard allows malicious actors to view stolen credentials and exfiltrated platform information in a centralized manner. The MaaS is apparently being offered in Telegram channels in two tiers – free and paid, and while the free version comes with plenty of features (screenshot grabber, file exfiltrator), the paid one ($4.99 a month) offers webcam access, keylogging, and reverse shell execution.
“One of the key features that makes Weedhack unique is that it is hosted on the clear net and provides access to sophisticated malware for free,” McAfee’s researchers explained. “This difference in cost and ease of access with detailed tutorials on how to use the malware significantly reduces the barrier to entry for prospective customers. Furthermore, its ability to steal Minecraft accounts attracts a younger audience. Both of these factors complement each other and make the campaign much more lethal.”
➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
Please logout and then login again, you will then be prompted to enter your display name.
Why This Matters
This development may influence user expectations, future product strategy, and the competitive balance inside the broader technology industry.
Companies in adjacent segments often react quickly to similar moves, which is why stories like this tend to matter beyond a single announcement.
Looking Ahead
The full impact will become clearer over time, but the story already highlights how quickly the modern tech landscape can evolve.
Observers will continue tracking the next steps and how they affect products, users, and the wider market.
