Several Minecraft Mods Discovered to Have Malware

There are many perks to PC gaming, and among them is being able to use mods to make video games better or more suited to a player's liking. However, this also provides certain risks. For instance, several Minecraft mods appear to have been injected with malware, which can be used to breach computer systems.

Minecraft on PC
Jakub Porzycki/NurPhoto via Getty Images

Beware of Minecraft Mods

Dozens of mods and plugins found in CurseForge and Bukkit.org have been found to have malware as accounts were compromised. The malware, specifically called "Fracturiser" has been injected into the affected mods and plugins.

The malware is able to affect Windows and Linux systems, with investigators suspecting that the Fracturiser has been active since around mid-April. With that, modders are advised not to download or use mods for a while until the issue has been solved.

In the event that an infected mod has been launched, it will go through four stages starting with stage zero, with each downloading files from a command-and-control server. Once it reaches stage three, it will start creating folders and scripts to make changes in the computer system.

Once the malware takes hold, it will be able to steal cookies and login information from browsers, replace cryptocurrency addresses in clipboards, steal Discord, Microsoft, and Discord credentials, as well as propagate to Java archive files and infect other mods.

The creator of an open-source launcher for the game, Prism Launcher along with officials says that the infection has been widespread, as mentioned in Ars Technica, listing down mods from both CurseForge and Bukkit to spot which ones players should avoid.

CurseForge is already looking into the incident where the malicious user uploaded the mods and plugins, emphasizing that it is only affecting Minecraft users and that the accounts involved have already been banned from the platform.

Which Mods Should You Avoid?

Right now, if you plan on using mods for Minecraft, it's best to leave it until the issue has been completely resolved. If you want to despite the malware, you can at least try to avoid the following mods and mod packs affected by the malware, as listed by Bleeping Computer.

From CurseForge:

  • Dungeons Arise

  • Sky Villages

  • Better MC mod pack series

  • Dungeonz

  • Skyblock Core

  • Vault Integrations

  • AutoBroadcast

  • Museum Curator Advanced

  • Vault Integrations Bug fix

  • Create Infernal Expansion Plus

From Bukkit:

  • Display Entity Editor

  • Haven Elytra

  • The Nexus Event Custom Entity Editor

  • Simple Harvesting

  • MCBounties

  • Easy Custom Foods

  • Anti Command Spam Bungeecord Support

  • Ultimate Leveling

  • Anti Redstone Crash

  • Hydration

  • Fragment Permission Plugin

  • No VPNS

  • Ultimate Titles Animations Gradient RGB

  • Floating Damage

If you suspect that your system has been infected, you can check your computer for the virus. First off, make sure that all your hidden files are also visible. Type in "%LOCALAPPDATA%Microsoft EdgelibWebGL64.ja" for Windows systems.

You may also check a shortcut in "%appdata%MicrosoftWindowsStart MenuProgramsStartup" and if that doesn't work, check the registry for an entry at "HKEY_CURRENT_USER:SoftwareMicrosoftWindowsCurrentVersionRun."

For Linux, you can check "~/.config/.data/lib.jar" to see if you've been impacted. If you're one of the lucky few, you may be using one of the four major antivirus engines that can detect the Fracturiser malware automatically.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics