The bad news for Minecraft fans is that hackers have discovered a vulnerability in some add-ons. The security community of the MMPA has determined that the attackers are taking advantage of a “BleedingPipe” vulnerability in the Forge framework, which is responsible for powering numerous mods. Some versions of Astral Sorcery, EnderCore, and Gadomancy are among these add-ons.
Hackers will be able to take control of players’ servers and devices if they use Forge 1.7.10/1.12.2-based game mods. In one case, an attacker used a new exploit version to break into a Minecraft server, where they stole users’ Discord credentials and Steam session cookies.
It has been reported that certain Minecraft mods exploit a Java code vulnerability known as BleedingPipe, which allows users to take control of servers by sending specially crafted network data. Some modders have fixed the problem, however many servers haven’t been updated and are still at risk from phishing attempts.
Mojang’s parent company, Microsoft, is not responsible for the content of these modifications and cannot take any action in response to them. Users are encouraged to scan their PCs for viruses, and server owners are urged to either update their software or stop utilizing potentially dangerous mods. PipeBlocker, a security addon available through MMPA, could cause problems with older addons. On the plus side, it’s important to note that the new vulnerability doesn’t affect Stock Minecraft or single-player sessions.
There is still a lack of clarity regarding the scope of the BleedingPipe vulnerability in Minecraft mods, and it is possible that other modules are vulnerable. Users should scan their entire computer, not just the Minecraft folder, for malicious software.
