If you play Minecraft Pocket
How ironic would that be if you are an InfoSec professional or a vendor?
This is the day and age we are living in now.
Security researchers say they have discovered several malicious apps in the Google Play store.
Some of the apps provide "skins" to change the look of your Minecraft characters. In the words of my 10-year-old: "Dad, skins make my Minecraft guy way cooler."
Okay, maybe it does make them cooler. That is a matter of opinion, I suppose.
But Symantec, which discovered the Minecraft related botnet risk, says it has some facts:
"The app connects to a command and control (C&C) server on port 9001 to receive commands. The C&C server requests that the app open a socket using SOCKS and wait for a connection from a specified IP address on a specified port. A connection arrives from the specified IP address on the specified port, and a command to connect to a target server is issued."
Researchers say the U.S. market seems to be the top target, and the apps have an install base of 600,000 to more than 2 million each.
The idea behind Minecraft is to build something. In this case, it appears the malicious apps related to it are able to do just that.
