If you or your kids are fans of Minecraft, it might be wise not to download new plugin mods for a while.
Computer security researchers say cybercriminals have managed to embed malware named “Fracturizer” within packages and plugins used to modify the behavior and appearance of this incredibly popular game. announced that it had found
like a ringing computer reporthackers compromised the accounts of modding platforms CurseForge and Bukkit, inserting Fracturizer into a number of plugins widely used in the game.
Plugins containing similar malware have been reported to have been spotted as early as mid-April 2023.
Minecraft players who have never been near mods should have nothing to fear, but some may be wise to scan their computer for malware to ensure their personal data is not compromised. There may be
Because the malware not only looks for .JAR files to infect, but also steals cookies and login credentials from web browsers, Discord credentials, Microsoft and Minecraft credentials.
In addition, Fraturizer replaces cryptocurrency addresses in the clipboard of infected computers with addresses believed to belong to the person behind the attack.
At the time of this writing, the attack is believed to target Windows and Linux computers, not macOS.
CurseForge Tool to detect infected mods.
Additionally, CurseForge maintains a list of mods known to be affected by this attack.
Obviously, if your computer turns out to be compromised by malware, you should not only clean up your device, but also change the passwords of accounts that are at risk of being hacked.
Find technical articles on how Fraturizer is distributed, how it is replicated, and its payload. here.
Editor’s note: The opinions expressed in this article and other guest author articles are those of the contributors only and do not necessarily reflect those of Tripwire.