Malware attack on Minecraft RTX SEUS with Optifine
I decided to try this shader package instead of waiting for Minecraft to officially support it. I figured everyone does mods in Minecraft, so why not. I followed the instructions in this video: https://youtu.be/fodyyGeXU5E *no idea why this isn't embedding. One fresh OS install later and I'm writing this post. Malwarebytes found 361 PUPs the first time I installed it, and the second time it didn't block everything. Clicking "decline" just forces the Optifine installer to do things in the background and install anyways. This guy is making $55k a month off of his shader pack, but the installer to put it into Minecraft is where the problem is. What can be done about this? I'm rather computer savvy but thought I'd give this a shot; your average kid who doesn't know what they're doing doesn't have a chance. Any thoughts on this? I'm going to run it in a VM now to see if it even works.
You just tested it in a virtual machine and it seemed to sense the environment or detected a VPN connection... Wow, that's unusual!
I suspect you may have fallen for a fake link that's distributing malware disguised as Optifine/Shaders, which exists because they know it's a popular search and will be installed often by, as you said, kids who don't stand a chance. I mention this for a few reasons. One, I have come across sites like this before. Two, it's a common trick that's been around forever. Take a popular thing like Folding@Home, Facebook, Google, etc., register a URL that looks similar and might be an easy typo, and you're golden. Three, while not impossible, I don't believe the legitimate sources are distributing malware (or if they are, it's unintentionally as a result of being hacked), since again, these are popular things and have a good reputation. To throw out all that work in favour of distributing malware for whatever benefit that will get them in the short term seems rather illogical. For the record, I have the 1.14.4 F5 release from here (link below) and Bitdefender finds no issues with it. https://www.optifine.net/downloads Granted, that was obtained a few weeks ago, so if they have indeed been hacked or something, this info may not be useful, but it's worth having anyway, I believe. This is a known "feature" present in some malware. They have various tricks in place to detect when they're not connected to the internet, and/or are being run in a VM or are otherwise being inspected, and to hide their true behaviour during such moments, not unlike VW's diesel "test mode" from a few years back.
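
A defensive check for the look-alike URL trick described in the reply above, as an added example that is not part of the original thread: it compares a download link's host against the official optifine.net domain named in the post. The sample links, function names and the distance threshold are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Official download host named in the thread; all other hosts below are constructed.
OFFICIAL = "optifine.net"
BRAND = OFFICIAL.split(".")[0]  # "optifine"
MAX_TYPO_DISTANCE = 2           # assumed threshold for "easy typo" look-alikes


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_download_url(url: str) -> str:
    """Return 'official', 'lookalike' or 'unrelated' for a download link."""
    parts = urlsplit(url if "//" in url else "//" + url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return "unrelated"
    # Only the official domain itself or a true subdomain of it counts.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # Typos and padded names: compare each label, and each hyphen-separated piece.
    for label in host.split("."):
        for piece in label.split("-"):
            if piece and edit_distance(piece, BRAND) <= MAX_TYPO_DISTANCE:
                return "lookalike"
    # Brand embedded in a longer label, or placed in the userinfo before '@'.
    if BRAND in parts.netloc.lower():
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    samples = [  # constructed sample links
        "https://www.optifine.net/downloads",
        "https://0ptifine.example/downloads",
        "https://optifine.net.downloads.example/get",
        "https://optifine.net@files.example/installer.jar",
        "https://example.org/shaders",
    ]
    for link in samples:
        print(f"{classify_download_url(link):10} {link}")
```

A "lookalike" result means the link borrows the project's name without resolving to its domain, which is the case to check before running any installer obtained from a video description.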
I didn't anticipate that, but I found it using a comparable link you shared. Could be I was careless and tapped the wrong area? It seems to come from the video description. If both of you are running smoothly, it likely was an issue with me.
It's also possible your system identified something as an issue when there wasn't one (false positive), or perhaps others overlooked a real problem. Not all malware causes clear signs of trouble, so missing it doesn't guarantee everything is okay. But did you see anything unusual?
I ended up with all the toolbars disabled for security reasons.
It seems the problem was likely a faulty link. You're doing great, and it looks like you've already fixed it. Good luck with the rest!
Sure, I appreciate the clarification. Activating MalwareBlasty Pro would have prevented the issue altogether. Appreciate the assistance in fixing this error.