Warning: Keyloggers in Old Launchers

I saw this yesterday and thought I might post it.

Like many of you, I updated to the new launcher and had login issues. I replaced my old launcher, so I couldn't go back. A quick search for an old launcher online produced a Minecraft Forum thread where someone kindly posted the old launcher. I downloaded it.

Long story short, as of today, my steam account has been compromised, my Gmail account was briefly accessible, and I’m worried that some other site information (Bank account pages, twitter, Facebook, etc…) has been compromised. A quick run of Microsoft Security Essentails pointed to the Minecraft Launcher I downloaded. So please, wait until Mojang fixes the launcher or they provide a download to the old one.

Do NOT download any launchers from any other site than Minecraft.net.

I’ve been dealing with it all morning. Fortunately, all I seem to have lost was my steam account.

If you happened to download an old launcher from anywhere but Notch’s twitter/the minecraft site, I suggest you check the integrity of your file by using a md5 checksum because virus scanners won’t always pick them up.

The correct checksums are:
d14ba7be37e9a859c35027fbc48156e3 for Windows
c699179dcf9d117010998d6b034cdb19 for GNU/Linux

I actually did get a nasty virus from something similar. It was a little tough to remove, but I am sure it is gone. In regedit, it was registered as part of windows defender. The file was called Minecraft Start.exe.

Thankfully, my firewall noticed it was trying to access the internet during idle time. I has set it for temporary permission while I tried to run it the first time. Careful out there!