Dozens of popular Minecraft mods found infected with Fracturiser malware
Developers of plugin software for the wildly popular Minecraft game are advising users to immediately stop downloading or updating mods after discovering malware has been injected into dozens of the most widely used offerings.
The mod-developer accounts were hosted by CurseForge, a platform that hosts accounts and forums related to add-on software known as mods or plugins, which extend the capabilities of the standalone Minecraft game. Some of the malicious files used in the attack date back to mid-April, a sign that the account compromises have been active for weeks. Bukkit.org, a developer platform run by CurseForge, is also believed to be affected.
Fracturiser infecting Windows and Linux systems
“A number of Curseforge and dev.bukkit.org (not the Bukkit software itself) accounts were compromised, and malicious software was injected into copies of many popular plugins and mods,” gamers wrote in a forum dedicated to discussing the event. “Some of these malicious copies have been injected into popular modpacks including Better Minecraft. There are reports of malicious plugin/mod JARs as early as mid-April.”