ThreatFox IOC Database
You are viewing the ThreatFox database entry for domain packsmc.com.
Database Entry
| IOC ID: | 1837041 |
|---|---|
| IOC: | packsmc.com |
| IOC Type: | domain |
| Threat Type: | payload_delivery |
| Malware: | 5.t Downloader |
| Confidence Level: | Confidence level is high (100%) |
| Is compromised?: | False |
| ASN: | AS13335 CLOUDFLARENET |
| Country: | US |
| First seen: | 2026-06-25 03:13:36 UTC |
| Last seen: | never |
| UUID: | 1b1ad533-6fec-11f1-97fa-42010aa4000a |
| Reporter | Anonymous |
| Reward | 5 credits from ThreatFox |
| Tags: | Downloader Dropper RAT stealer trojan |
Anonymous
packsmc.com is a malicious Minecraft pack distribution platform hosting tens of thousands of packs, a significant portion of which are confirmed malware payloads disguised as game content. The site operates in direct partnership with the known malicious file host rootz.so and ranoz.gg (Gaea Operations GmbH, DE) — exclusively contracted as their file hosting infrastructure — making it the primary demand-side driver behind these dangerous hosting networks.
Violations include:
Malware distribution at scale — Minecraft packs served as trojanized files containing viruses, stealers, RATs, and trackers
Contracted malicious hosting exclusively uses rootz. and ranoz.gg as file hosts, both flagged by multiple AV vendors including Avast
Stealer/tracker delivery — dormant malicious payloads silently installed on victim systems upon download
Phishing & scam ads serve malicious advertisements that download spyware and credential stealers without user consent
Platform-level complicity — knowingly partnering with flagged malware hosts, making packsmc.com a core node in the malware distribution network
No content moderation, no abuse contact, no ownership transparency
It acts as the birthplace and primary growth engine for Rootz.so, ranoz.gg and associated illegal SaaS infrastructure
Thousands of unsuspecting Minecraft players (including minors) are actively being compromised through this platform daily. Recommended action: Immediate domain suspension, hosting termination, law enforcement referral, and ad network termination.