- High Performance Software Defined Receivers
- Get a Microsoft 365 license for $40 right now
- The best mini PCs of 2024: Expert recommended
- I tested Meta's transparent Ray-Ban smart glasses, and they're a near-perfect accessory for me
- The best Lenovo laptops of 2024: Expert tested and reviewed
Malware menaces Minecraft mods
If you, or your kids, are fans of Minecraft – you might be wise not to download any new mods of plugins for a while.
Computer security researchers say that they have uncovered that cybercriminals have succeeded in embedding malware named “Fracturizer” within packages and plugins used to modify the behaviour and appearance of the phenomenally popular game.
As Bleeping Computer reports, hackers compromised accounts at modding platforms CurseForge and Bukkit to inject Fracturizer into a number of widely-used plugins for the game.
Plugins with similar malware have reportedly been found as early as mid-April 2023.
Minecraft players who have never gone near mods have nothing to fear, but others may be wise to scan their computers for malware in order to ensure that their personal data is not at risk.
Because the malware not only looks for .JAR files to infect, but also steals cookies and login information from web browsers, Discord credentials, and Microsoft and Minecraft credentials.
In addition, Fracturizer replaces cryptocurrency addresses in an infected computer’s clipboard, replacing it with one presumably belonging to whoever is behind the attack.
At the time of writing, the attack is thought to be targeting Windows and Linux computers, not macOS.
For its part, CurseForge has released a tool to detect infected mods.
In addition, CurseForge is maintaining a list of mods that have been confirmed to be impacted by the attack.
Obviously if you do find that your computer has been compromised by the malware, you should not just clean-up your device but also change your passwords on accounts that may be at risk of being hacked.
A technical write-up on how Fracturizer has been distributed, how it replicates, and its payload can be found here.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire.