New Threat to Minecraft Players: Take Action to Secure Your System

Usama AnjumLast Updated: Aug 1, 2023

There is bad news for all Minecraft lovers as hackers have found a flaw in some of the game mods. According to the MMPA security community, the malicious actors are exploiting a “BleedingPipe” flaw in the Forge framework powering multiple mods. These mods include some versions of Astral Sorcery, EnderCore, and Gadomancy.

If any of the game mods are running on Forge 1.7.10/1.12.2, then hackers will be able to remotely control both servers and devices of the gamers. One instance showed that a hacker was using a new exploit variant to hack a Minecraft server and steal both the Discord credentials of users along with the Steam session cookies of the players.

Therefore, it has been suggested that you should be using antivirus tools if you are using certain Minecraft mods that aren’t updated.

According to a source, BleedingPipe is a vulnerability in Java code that is utilized by certain Minecraft mods, enabling users to gain control of servers by transmitting specific network traffic. While some modders have resolved the issue, various servers haven’t been updated, leaving them vulnerable to potential phishing attacks.

Microsoft (Mojang’s parent company) is not responsible for these mods, therefore they aren’t able to directly intervene. Users are urged to scan their systems for malware, and server operators must update or stop using unreliable mods to save themselves from hackers. MMPA offers a PipeBlocker mod for increased protection, but it might lead to issues with un-updated mods. However, on the bright side, it is pertinent to mention that Stock Minecraft and single-player sessions aren’t affected by the new vulnerability.

The BleedingPipe vulnerability in some of the Minecraft mods is not completely understood, and there could be even more affected mods than the already discovered ones. Therefore, users must check their systems, including the Minecraft folder, for malware.