‘Minecraft’ mod vulnerability leaves players’ PCs defenceless against hackers
nme.comMinecraft players are being warned about a significant vulnerability in a number of modded servers, leaving their machines defenceless against hackers.As reported by Tom’s Hardware, the Minecraft Malware Prevention Alliance (MMPA) notified players over the weekend of this discovery. “BleedingPipe is an exploit being used in the wild allowing FULL remote code execution on clients and servers running popular Minecraft mods on 1.7.10/1.12.2 Forge,” the team explained.They added that there may be more versions of Minecraft that could be at risk of the exploit and suggested that players take this warning seriously.
The first instance of BleedingPipe appeared in March of last year but the MMPA said that “none have been of this scale in the Minecraft community.”In order to protect peoples’ computers and laptops, Dogboy21 on GitHub – with assistance from a host of other developers – created a patcher that addresses potential vulnerabilities in all known affected mods.“While there are just a relatively small amount of attacks targeting this vulnerability in the wild, because of the significance of the vulnerability, it is completely dangerous to play with unpatched mods currently,” said Dogboy21.“Attackers already attempted (and succeeded in some cases) Microsoft access token and browser session steals.
But since they can literally execute any code they want on a target system, the possibilities are endless,” they continued.At the moment, there is a growing list of the affected mods for players’ advisement.
Read more on nme.com