A newly discovered malware campaign, dubbed Weedhack, has been targeting Minecraft users since January 2026, with attackers impersonating Minecraft clients and mods to gain control of victims' systems. The campaign, identified by McAfee Labs, utilizes malware-as-a-service (MaaS) to spread the infection, primarily through YouTube. This campaign is notable for its focus on Minecraft players, with the malware capable of taking control of infected systems. Additionally, the CountLoader malware has infected over 86,000 systems, often spread through pirated content. The Weedhack campaign highlights the risks associated with downloading unauthorized or pirated software, as these often serve as vectors for malware distribution1. This matters to cybersecurity practitioners because it underscores the importance of verifying the authenticity of software downloads, particularly in popular online communities like Minecraft, to prevent the spread of malware and protect user systems.
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
⚡ High Priority
Why This Matters
The Minecraft-focused malware-as-a-service (MaaS) campaign has been codenamed Weedhack by McAfee Labs, stating the activity has been active since January 2026 and impersonates.
References
- The Hacker News. (2026, June 3). Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content. *The Hacker News*. https://thehackernews.com/2026/06/weedhack-attacks-minecraft-users.html
Original Source
The Hacker News
Read original →