WeedHack malware as a service lets anyone hit Minecraft users with fake mods complete with infection rankings and manuals. McAfee tracked over 116000 compromised devices and up to 2000 new victims daily. The modding scenes casual download habits just ran into professional cyber threats.
The Minecraft modding world runs on trust. You find a cool mod on a forum or random download link, drop the jar in your folder, and hope it works. That model just got exploited at scale.
WeedHack is malware as a service for the Minecraft crowd
According to McAfee Labs the WeedHack campaign disguises malicious payloads as popular Minecraft mods. It is sold cheaply as a turnkey service with operation manuals infection rankings and everything a budding threat actor needs. The result is over 116000 infected devices globally with around 2000 new victims per day.
The malware targets the huge ecosystem of players who mod their game for performance extra features or technical tweaks. Distribution leans on exactly the unofficial channels many users have relied on for years. McAfee notes it is not just creators but everyday users who can now leverage the tool for targeted attacks or broader campaigns.
Numbers do not lie and neither does the setup
Over 116000 infections is not some small proof of concept. It is a functioning business model inside the Minecraft community. The daily rate shows it is still spreading fast in early June 2026. Leaderboards for infections turn it into a game for the attackers while players lose accounts data or worse.
- Fake mods mimic legitimate ones to fool users
- Service includes manuals and infection tracking
- Accessible to script kiddies not just advanced hackers
- Focus remains on the modding and multiplayer crowd
Official platforms have spent years building safer distribution with code signing and reviews. That work only helps if players actually use it. The people still googling for free versions of big mods are the exact demographic this campaign is optimized to hit.
News
Other
