"Minecraft'' mods are fun additions to the game for those who want to spice up their gaming to the next level. While these are safe and widely accepted by the community, the authorities have cautioned the players not to install them in the meantime because of dangerous malware.
The hackers injected "Fracturiser" malware which can steal sensitive information from the mod developers, which in this case are the source codes.
Cybercriminals Inject Data-Stealing Malware into 'Minecraft' Mods
Playing "Minecraft" can be comforting and challenging at the same time while you build blocks for your house. However, the recent incident can only give you stress upon knowing that your download "Minecraft" is infected by malware.
As Bleeping Computer gathered in its report, the hackers were able to infect many Bukkit and CurseForge accounts on the platform upon deploying Fracturiser into the mods and plugins.
Gamers know that the mod packs are secured and safe for download, but even two-factor authentication cannot guarantee that. The authorities said that for the malware to stop spreading, the updates were put to the archived files as part of the public advisory.
Windows and Linux Users Should Refrain From Installing 'Minecraft' Mods
If you're playing "Minecraft" on mobile or Nintendo Switch, you don't have to skip a heartbeat just to avoid downloading any of its mods. But, if you are a Windows or Linux gamer, it's about time to worry about what's at stake.
According to Prism Launcher, the malware is designed to infect Windows and Linux devices only.
To check whether your PC is infected or not, you can go to /.config/.data/lib.jar if you're a Linux user. If you have Windows, you can visit %LOCALAPPDATA%Microsoft EdgelibWebGL64.jar (or ~AppDataLocalMicrosoft EdgelibWebGL64.jar) and see if there are hidden files in the folder.
Related Article ': Minecraft' Early Access Version Now Available on Chromebooks, Microsoft Says
Affected 'Minecraft' Mods
If you're not sure whether your "Minecraft" mod is Fracturiser-infested or not, you might as well refer to this list from Ars Technica for your peace of mind.
CurseForge
- Dungeons Arise
- Sky Villages
- Better MC mod pack series
- Dungeonz
- Skyblock Core
- Vault Integrations
- AutoBroadcast
- Museum Curator Advanced
- Vault Integrations Bug fix
- Create Infernal Expansion Plus - Mod removed from CurseForge
Bukkit
- Display Entity Editor
- Haven Elytra
- The Nexus Event Custom Entity Editor
- Simple Harvesting
- MCBounties
- Easy Custom Foods
- Anti Command Spam Bungeecord Support
- Ultimate Leveling
- Anti Redstone Crash
- Hydration
- Fragment Permission Plugin
- No VPNS
- Ultimate Titles Animations Gradient RGB
- Floating Damage
It's important to note that this information-stealing malware is not only notorious for stealing your sensitive login data and files. It can also take your Microsoft, Minecraft, and Discord credentials. What's worse, it can replace your crypto addresses with fake ones.
Read also: 'Metroid Prime 4' Rumors: Release Date Is Set for Holiday 2023 - It Is Finally Coming Out?
