CurseForce Platform Advises Gamers to NOT Download 'Minecraft' Mods

Risk getting a new Minecraft mod or risk getting a new malware? You choose.

"Minecraft'' mods are fun additions to the game for those who want to spice up their gaming to the next level. While these are safe and widely accepted by the community, the authorities have cautioned the players not to install them in the meantime because of dangerous malware.

The hackers injected "Fracturiser" malware which can steal sensitive information from the mod developers, which in this case are the source codes.

Cybercriminals Inject Data-Stealing Malware into 'Minecraft' Mods

CurseForce Platform Advises Gamers Not to Download 'Minecraft' Mods—Fracturiser Malware to Blame?
LONDONDERRY, NORTHERN IRELAND - OCTOBER 10: A digital version of the character 'Sal' sits in the virtual Minecraft world created by the backstage digital team during a 'Playcraft' live rehearsal at The Playhouse Theatre and Arts Centre on October 10, 2017 in Londonderry, Northern Ireland. 'Playcraft' features the worlds first live performance of a play featuring projections of Minecraft video game virtual sets which include Brooklyn Bridge, Times Square and Neolithic landscapes. At 7pm GMT on Saturday 14 October the new play will become the world's first to be performed live on stage and inside the Minecraft video game. Charles McQuillan/Getty Images

Playing "Minecraft" can be comforting and challenging at the same time while you build blocks for your house. However, the recent incident can only give you stress upon knowing that your download "Minecraft" is infected by malware.

As Bleeping Computer gathered in its report, the hackers were able to infect many Bukkit and CurseForge accounts on the platform upon deploying Fracturiser into the mods and plugins.

Gamers know that the mod packs are secured and safe for download, but even two-factor authentication cannot guarantee that. The authorities said that for the malware to stop spreading, the updates were put to the archived files as part of the public advisory.

Windows and Linux Users Should Refrain From Installing 'Minecraft' Mods

If you're playing "Minecraft" on mobile or Nintendo Switch, you don't have to skip a heartbeat just to avoid downloading any of its mods. But, if you are a Windows or Linux gamer, it's about time to worry about what's at stake.

According to Prism Launcher, the malware is designed to infect Windows and Linux devices only.

To check whether your PC is infected or not, you can go to /.config/.data/lib.jar if you're a Linux user. If you have Windows, you can visit %LOCALAPPDATA%Microsoft EdgelibWebGL64.jar (or ~AppDataLocalMicrosoft EdgelibWebGL64.jar) and see if there are hidden files in the folder.

Affected 'Minecraft' Mods

If you're not sure whether your "Minecraft" mod is Fracturiser-infested or not, you might as well refer to this list from Ars Technica for your peace of mind.

CurseForge

  • Dungeons Arise
  • Sky Villages
  • Better MC mod pack series
  • Dungeonz
  • Skyblock Core
  • Vault Integrations
  • AutoBroadcast
  • Museum Curator Advanced
  • Vault Integrations Bug fix
  • Create Infernal Expansion Plus - Mod removed from CurseForge

Bukkit

  • Display Entity Editor
  • Haven Elytra
  • The Nexus Event Custom Entity Editor
  • Simple Harvesting
  • MCBounties
  • Easy Custom Foods
  • Anti Command Spam Bungeecord Support
  • Ultimate Leveling
  • Anti Redstone Crash
  • Hydration
  • Fragment Permission Plugin
  • No VPNS
  • Ultimate Titles Animations Gradient RGB
  • Floating Damage

It's important to note that this information-stealing malware is not only notorious for stealing your sensitive login data and files. It can also take your Microsoft, Minecraft, and Discord credentials. What's worse, it can replace your crypto addresses with fake ones.

Joseph Henry
Tech Times
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics