Minecraft cheaters hit with instant karma trying to steal accounts

Minecraft players attempting to use stolen "alt" accounts are falling victim to a ransomware attack, according to a threat research report by cybersecurity firm FortiGuard Labs on 28th October. The firm reported that a variant of the Chaos ransomware virus targets Minecraft gamers in Japan by masquerading as a text file containing a list of stolen Minecraft accounts. All I can say is that karma is a b*tch.

Minecraft cheaters try to steal accounts but download viruses instead

According to FortiGuard Labs, the Minecraft ransomware virus is being posted to Japanese Minecraft forums and uses a text icon to fool victims into thinking it's a text file rather than an executable program.

Once downloaded, victims will open the "text file," and the virus is executed. Followingly, the virus begins to encrypt small files (around 2 MB in size) and appends the files with four random characters as a file extension. Files larger than 2 MB with specific file extensions are irrevocably destroyed by having random bytes inserted into their code. The virus also deletes backup copies of the files, so the victim can never recover them.

Once the encryption process is complete, a "Read Me" text file is displayed on the desktop, prompting the victim to pay the equivalent of $17 in bitcoin or prepaid voucher cards. The virus also changes the desktop background, presumably as a way of alarming the victim further.

While the ransom itself is hardly comparable to the outrageous demands of most other ransomware attacks, it's important to note that even if the victim paid the ransom, they would not be able to recover files larger than 2 MB.

We're unsure whether the attacker was unironically considerate toward their victim's financial situation or whether the reasoning behind the mere $17 ransom was perhaps more sophisticated. However, it is clear that the ransomware virus was engineered to target Japanese users specifically.

FortiGuard Labs concluded that there's "nothing fancy about this Chaos ransomware variant." However, they note that regardless of the cheap ransom demand, "its ability to destroy data and render it unrecoverable makes it more than a mere prank to annoy Japanese Minecraft gamers."

Beyond this, ransomware is still ransomware, with potentially devastating consequences. Therefore, the cybersecurity firm contends that it's best that Minecraft players stay clear from dodgy cheat providers and "enjoy the game the way it was meant to be played" -- and we agree.

• Read more: Dream denies rigging new Minecraft mob vote, despite being suspended on Twitter.

Check out our dedicated Minecraft section for more news, updates, and related content.

Featured image courtesy of Mojang.