MCCrash: Cross-platform DDoS botnet targets Private Minecraft Servers – Microsoft Warns

Onsa MustafaLast Updated: Dec 16, 2022
MCCrash DDoS botnet

Microsoft warned that a cross-platform botnet, MCCrash, launch distributed denial-of-service (DDoS) attacks against private Minecraft servers. The botnet follows a unique spreading mechanism that allows it to propagate to Linux-based devices despite originating from malicious software downloads on Windows hosts.

MCCrash: Cross-platform DDoS botnet targets Private Minecraft Servers – Microsoft Warns

“The botnet spreads by enumerating default credentials on internet-exposed Secure Shell (SSH)-enabled devices,” the company said in a report. “Because IoT devices are commonly enabled for remote configuration with potentially insecure settings, these devices could be at risk of attacks like this botnet.”

See Also: Minecraft on PC: How to download the game on PC

According to TheHackerNews, the malware could persist on IoT devices even after removing it from the infected source PC. The tech giant’s cybersecurity division is tracking the activity cluster under its emerging moniker DEV-1028.

A majority of the infections have been reported in Russia. Other countries that suffered from this attack are Kazakhstan, Uzbekistan, Ukraine, Belarus, Czechia, Italy, India, and Indonesia. However, the company did not disclose the exact scale of the campaign.

The initial infection point for the botnet is a pool of machines that have been compromised through the installation of cracking tools that claim to provide illegal Windows licenses.

The software subsequently acts as a conduit to execute a Python payload. This payload contains the core features of the botnet, including scanning for SSH-enabled Linux devices to launch a dictionary attack.

Upon breaching a Linux host using the propagation method. The same Python payload is deployed to run DDoS commands. However, one of these is specifically set up to crash Minecraft servers (“ATTACK_MCCRASH”).

The findings come days after Fortinet FortiGuard Labs revealed details of a new botnet dubbed GoTrim. This botnet has been observed brute-forcing self-hosted WordPress websites.

Check also: 12 Best Minecraft Faction Servers in 2023

PTA Taxes Portal

Find PTA Taxes on All Phones on a Single Page using the PhoneWorld PTA Taxes Portal

Explore NowFollow us on Google News!
Onsa MustafaLast Updated: Dec 16, 2022
Photo of Onsa Mustafa

Onsa Mustafa

Onsa is a Software Engineer and a tech blogger who focuses on providing the latest information regarding the innovations happening in the IT world. She likes reading, photography, travelling and exploring nature.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Get Alerts!

PhoneWorld Logo

Join the groups below to get the latest updates!

💼PTA Tax Updates
💬WhatsApp Channel

>