Minecraft players should be cautious about the mods they download, as a new report exposes a malicious campaign that steals sensitive personal data. While mods add fun and creativity to the game, some have been weaponized to infect Windows devices and harvest everything from passwords to cryptocurrency wallets.
The Check Point Research team discovered that a hacker group called the Stargazers Ghost Network is distributing malware via fake Minecraft mods and GitHub repositories. These malicious mods impersonate popular scripts or cheats like “Oringo” and “Taunahi,” running Java-based attacks that only activate if Minecraft is installed on the victim’s computer.
The attack unfolds in multiple stages, eventually compromising the user’s system to steal login credentials, authentication tokens, Discord messages, and cryptocurrency wallets. What’s scary is that these malicious repositories appear legitimate and remain undetected by all antivirus engines on VirusTotal because they specifically target Minecraft players.
Check Point Research has monitored these repositories since March 2025, warning that any player running such mods risks exposing sensitive information. Imagine spending hours building your dream world only to have your private data swiped away.
So, how can you protect yourself? Honestly, the best bet is only to download mods from trusted sources and keep antivirus software up to date. Always question any mod that seems too good to be true or comes from an unknown developer. After all, your digital safety is worth more than any in-game advantage.
What do you think about this security threat lurking in the Minecraft modding community?
