credentials Archives

AppWizard

June 19, 2025

‘Stargazers’ use fake Minecraft mods to steal player passwords

A malware campaign targeting Minecraft players has been identified, utilizing malicious mods and cheats to infect Windows devices with infostealers that steal sensitive information, including credentials and cryptocurrency wallets. The campaign, orchestrated by the Stargazers Ghost Network, has been active on GitHub and has previously infected over 17,000 systems with a new type of malware. Researchers found around 500 GitHub repositories linked to this operation, disguised as Minecraft mods. The malware employs a Java-based loader that downloads a stealer targeting Minecraft account tokens and user data, as well as Discord and Telegram tokens. It also includes a .NET-based stealer called '44 CALIBER,' which collects data from browsers, VPNs, and applications like Steam and Discord. The stolen data is sent via Discord webhooks, indicating a potential Russian origin for the operators. To protect against these threats, players are advised to download mods from reputable sources and use separate accounts for testing.

AppWizard

June 19, 2025

Malicious Minecraft mods distributed by the Stargazers DaaS target Minecraft gamers

Check Point researchers have discovered a malware campaign targeting Minecraft users, utilizing a distribution-as-a-service model called Stargazers. This malware, disguised as cheat tools, employs Java and .NET stealers to compromise player systems. The attackers have been active since March 2025, using GitHub repositories that appear to offer legitimate mods but contain malicious JAR files. The infection process begins with the installation of a compromised JAR file, which triggers a multi-stage attack that extracts sensitive data from Minecraft and Discord, as well as broader information like browser credentials and cryptocurrency wallet details. The malware is linked to Russian-speaking threat actors, and the Stargazers Ghost Network is identified as the distributor. The report highlights the need for caution when downloading third-party content in gaming communities.

BetaBeacon

June 19, 2025

This simple app lets you run your Steam games on Android, no streaming required

GameNative is a new app that simplifies playing Steam games on Android devices by utilizing the Pluvia fork and Winlator backend. It supports titles with DRM, offers performance and graphical enhancements, and allows for on-screen keyboard and controller overlays. Cloud saves are supported, but online features are not available. Users are advised to be cautious when entering Steam credentials and can enhance security by logging in via scanning a QR code in the Steam mobile app. Despite some bugs and crashes, GameNative offers a promising solution for playing Steam games on the go.

AppWizard

June 19, 2025

Elon Musk’s latest gaming take is ruthlessly mocked by Bioshock fans: ‘Probably thinks Andrew Ryan was the hero’

Elon Musk attempted to align himself with the No Kings protests in the U.S., which had over five million participants, to enhance his image on X. On June 15, he posted a message interpreted as a reference to protests against Trump, amid a contentious relationship with the former president. Musk had previously claimed credit for Trump's election victory, leading to Trump's threats to withdraw government subsidies for Musk's ventures. Reactions to Musk's post varied, particularly within the BioShock community, where fans noted the character Andrew Ryan's downfall. Musk has faced criticism for previous misinterpretations of gaming culture and was recently criticized for account boosting in Path of Exile 2. Speculation surrounds Musk's understanding of gaming narratives, especially regarding his reference to Andrew Ryan, whose ambitions lead to ruin.

AppWizard

June 19, 2025

Minecraft cheat tools may actually contain malware

Trojanized cheat tools for Minecraft hosted on GitHub have been found to install malware that extracts sensitive information from players. Check Point Research identified around 500 GitHub repositories involved, potentially compromising about 1,500 devices. This operation, active since March, is linked to Russian-speaking malware developers from the Stargazers Ghost Network. The malware, disguised as cheat tools like Oringo and Taunahi, initiates a multi-stage attack requiring Minecraft to be pre-installed. It first installs a malicious JAR mod that evades detection, then proceeds to steal Minecraft tokens, Microsoft account information, and data from platforms like Discord and Telegram. The final component captures credentials from web browsers, cryptocurrency wallets, VPN applications, and gaming platforms, sending the stolen data to a Discord webhook.

AppWizard

June 17, 2025

android users malware stay alert

A new strain of malware called "Crocodilus" is targeting Android users, designed to steal funds. It spreads through advertisements on social media that entice users to download an app with promises of rewards. Once installed, the malware can modify the user's contact list, adding numbers under trustworthy names like "Bank Support" to deceive victims. Security experts from Threat Fabric warn that this malware represents a significant threat and recommend that users only download apps from trusted sources like the Google Play Store, and to verify app developer credentials and user reviews before installation.

Tech Optimizer

June 16, 2025

Why cybersecurity awareness and insider risk management are essential for SMBs

Small and medium-sized businesses (SMBs) are increasingly exposed to cyber threats, with human error being the leading cause of data breaches. Employees may click on malicious links, use weak passwords, or fall for phishing scams, highlighting the need for ongoing cybersecurity awareness training and insider risk management. Comprehensive training programs can help employees identify and mitigate threats, while modern cybersecurity platforms offer monitoring for exposed credentials on the dark web and provide real-time alerts for compromised information. These platforms also feature automated reporting, allowing business owners to track training completion and identify areas of risk. Educated and supported employees can become a strong defense against cyber threats, making investment in human-focused cybersecurity tools essential for SMBs to protect their reputation and financial health.

Tech Optimizer

June 14, 2025

LinuxFest Northwest: Chaos Testing Of A Postgres Cluster On Kubernetes

LinuxFest Northwest recently celebrated its 25th anniversary at Bellingham Technical College in Washington, featuring a variety of presenters and workshops. The conference's video content is available on its YouTube channel, including a playlist for LinuxFest Northwest 2025. Trey Blalock from Verification Labs, an expert in penetration testing with credentials such as GCTI, GWAPT, and CISSP, was acknowledged for his contributions to the conference, emphasizing the importance of cybersecurity.

Tech Optimizer

June 12, 2025

That ‘unsubscribe’ link is actually a hidden security risk

The "click to unsubscribe" button in emails may pose a security threat, as engaging with it can lead users to malicious websites. TK Keanini, CTO at DNSFilter, noted that about one in every 644 clicks on such links can direct users to phishing sites designed to steal sensitive information and introduce malware. Experts advise skepticism towards unsubscribe requests from untrusted senders and recommend using "list-unsubscribe headers" in email clients for safer management of subscriptions. Alternatives include using spam filters, blacklisting senders, and employing disposable email addresses for added protection. Additionally, having robust antivirus software is crucial for safeguarding against potential malware threats.

Winsage

June 11, 2025

Microsoft fixes Windows Server auth issues caused by April updates

Microsoft has resolved an authentication issue that arose after the April 2025 security updates on Windows Server domain controllers, primarily affecting Windows Server 2016, 2019, 2022, and 2025. The problem, acknowledged in early May, involved difficulties with Kerberos logons or delegations reliant on certificate-based credentials due to the April monthly security update (KB5055523). This issue could lead to authentication failures in environments using Windows Hello for Business Key Trust or Device Public Key Authentication, impacting various software solutions. Microsoft released cumulative updates to fix these issues and recommended installing the latest security updates. For those still facing problems, a temporary registry adjustment was advised. The authentication issues were linked to security enhancements addressing a high-severity vulnerability (CVE-2025-26647) that could allow privilege escalation through an input validation flaw in Windows Kerberos. Microsoft had previously addressed related authentication issues in April and issued emergency updates in November 2022 for Kerberos sign-in failures affecting Windows domain controllers.