Minecraft is the world’s most popular videogame, which means it is a prime target for threat actors. Even so, attacks are relatively rare. However, Microsoft is now confirming that there is a cross-platform botnet that can be used to launch DDoS attacks on Minecraft servers.

In a blog post to confirm the situation, Microsoft describes the potential threat in the following way:

“The Microsoft Defender for IoT research team recently analyzed a cross-platform botnet that originates from malicious software downloads on Windows devices and succeeds in propagating to a variety of Linux-based devices.

The botnet spreads by enumerating default credentials on internet-exposed Secure Shell (SSH)-enabled devices. Because IoT devices are commonly enabled for remote configuration with potentially insecure settings, these devices could be at risk to attacks like this botnet. The botnet’s spreading mechanism makes it a unique threat, because while the malware can be removed from the infected source PC, it could persist on unmanaged IoT devices in the network and continue to operate as part of the botnet.”

Microsoft dubs the botnet “MCCrash” and says the infection started through devices that were infected through cracking tools that are typically used to find Windows licenses. In its post, the company offers the following attack flow that shows how the botnet spreads:


In its report, Microsoft says infections are happening in Italy, India, Russia, Ukraine, Belarus, Indonesia, Nigeria, Mexico, Columbia, and Cameroon.

Minecraft Attacks

Back in September, security research firm Kaspersky highlighted how Minecraft is the game most likely to be targeted for cyberattacks. Kaspersky says bait attacks on the game affected 131,005 users between July 2021 to June 2022, with 23,239 malware files sent.

According to Statista, attackers are attracted to the gaming market, which amounts to an estimated $268.8 billion. In other words, it is a huge market to exploit and because it is not a traditional cybersecurity target, gaming platforms may not have the same level of security as other sectors.

Tip of the day: For the most part, Windows apps are stable, but they can still be still thrown out of whack by updates or configuration issues. Many boot their PC to find their Microsoft Store isn’t working or their Windows apps aren’t opening. Luckily Windows 11 and Windows 10 have an automatic repair feature for apps that can resolve such issues.