Minecraft cheaters try to steal accounts, download ransomware instead

Japanese Minecraft players looking for stolen accounts are getting duped by malware.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Minecraft cheaters in Japan are being hit with some instant karma, according to cybersecurity outfitFortinet. Wannabe hackers are being targeted by data-destroying ransomware that masquerades as a list of stolen Minecraft accounts.

Such a list is theoretically attractive to players who want to anonymize themselves to keep their main accounts from catching bans, most obviously to get away with cheating, griefing, and other bad behavior. While it’s unclear how many Japanese Minecraft players have fallen for the ransomware trap, Fortinet has detailed what the attack does.

Minecraft update: What’s new?Minecraft skins: New looksMinecraft mods:  Beyond vanillaMinecraft shaders: SpotlightMinecraft seeds: Fresh new worldsMinecraft texture packs: PixelatedMinecraft servers: Online worldsMinecraft commands: All cheats

According to Fortinet, the ransomware temporarily corrupts files smaller than 2 MB until the victim has paid 2,000 yen (about $17) to rescue them. But it doesn’t give the victims a chance to save everything. When they open the executable, any files that are larger than 2 MB and have a variety of extension types (a list can be found on Fortinet’s site) are filled with random bytes that permanently destroy them. It deletes any Windows backup copies of the files so you can’t simply restore them either. It also plasters a ransom note on the user’s wallpaper. The only thing it doesn’t do is take any of your data. How considerate.

The attacker demands prepaid cards for online shopping, gaming, music, mobile phones, and streaming services as payment. The best bit is that, according to Fortinet, the ransom note says that the attacker is “available only on Saturdays and apologizes for any inconvenience caused.” Even if the victim pays the fee, only the files smaller than 2 MB can be restored.

The ransomware is a variant of theChaos ransomwarethat’s been making the rounds since June. Other variants of the Chaos ransomware were found to infect all of a system’s hard drives as well as disable Windows recovery mode entirely.

As always, whether you’re trying to cheat at Minecraft or otherwise, downloading and running executables from sketchy sources is a bad idea. (But don’t try to cheat at Minecraft, either.)

The biggest gaming news, reviews and hardware deals

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Tyler has covered videogames and PC hardware for 15 years. He regularly spends time playing and reporting on games like Diablo 4, Elden Ring, Overwatch 2, and Final Fantasy 14. While his speciality is in action RPGs and MMOs, he’s driven to cover all sorts of games whether they’re broken, beautiful, or bizarre.

Palworld developer reports Nintendo’s suing over 3 Pokémon patents for only $66,000 in damages, but a videogame IP lawyer says fighting the lawsuit could mean ‘burning millions of dollars’

No Man’s Sky gets cross-save on a dozen platforms and brings back Mass Effect’s Normandy as a limited-time rewar

Today’s Wordle answer for Saturday, November 9