38 Minecraft Copycat Games on Google Play Infect over 140 Million Users Monthly

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

Recently, a group of threat actors have disguised their malware as 38 Minecraft-inspired games on Google Play, infecting unsuspecting devices with the insidious ‘HiddenAds’ adware. 

While players get lost in the blocky world of Minecraft clones, the adware stealthily runs in the background, generating revenue for the malicious operators.

McAfee’s Mobile Research Team, part of the App Defense Alliance, uncovered the adware set to safeguard Google Play from potential threats.


With a staggering 140 million active players every month, Minecraft’s popularity as a sandbox game has prompted various game publishers to try and replicate its success.

Approximately 35 million Android users worldwide fell victim to the adware hidden in Minecraft-like games, with the majority of downloads originating from the following countries:-

  • The United States
  • Canada
  • South Korea
  • Brazil

Despite the covert malicious adware activity in the background, the users remained unaware of it as they could enjoy uninterrupted gameplay.

The games were uploaded to Google Play with many titles and package names, hiding their true intent. Apart from their duplicitous nature, numerous users have already downloaded these apps, some even boasting over 10 million downloads.

Infection Effects

Here below, we have mentioned the affecting signs of these malicious apps on the targeted devices:-

  • Overheating issue
  • Increased network data
  • Increased Battery consumption
  • Laggy behavior
  • Uncertain app crashes

Set of Malicious Apps

After reporting, all malicious apps have been removed from the store. Here are the top downloaded apps from that set:-

  • Block Box Master Diamond: 10 million downloads
  • Craft Sword Mini Fun: 5 million downloads
  • Block Box Skyland Sword: 5 million downloads
  • Craft Monster Crazy Sword: 5 million downloads
  • Block Pro Forrest Diamond: 1 million downloads
  • Block Game Skyland Forrest: 1 million downloads
  • Block Rainbow Sword Dragon: 1 million downloads
  • Craft Rainbow Mini Builder: 1 million downloads
  • Block Forrest Tree Crazy: 1 million downloads

Upon the game launch, ads load in the background but don’t appear on the screen. Questionable packets from ad libraries like Google, AppLovin, Unity, and Supersonic were exchanged, as revealed by network traffic analysis.

McAfee notes that some apps share similar initial network packets with the path “https://(random).netlify.app/3.txt,” but the domains differ.

Similar game names and shared network packets with differing domains hint at a possible connection among the apps, potentially created by the same author.

Apart from this, the cybersecurity analysts classified these adware apps as not high-risk for users, but their presence can still threaten mobile devices.

To ensure a safe and secure experience when downloading applications from the store, security experts have strongly advised users to carefully examine user reviews beforehand and also make sure to keep the installed apps and security software on their devices up-to-date.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus