A vulnerability affecting numerous popular Minecraft mods
A vulnerability has been found in numerous popular Minecraft Mods which could allow hackers to exploit them to take over players’ machines. The Minecraft Malware Prevention Alliance (MMPA) has warned that it is dangerous to play with unpatched mods, as the threat could potentially spread to servers. The exploit uses a Java deserialization attack/gadget chain to take advantage of the unsafe use of Java serialization in network packets.
A Computer Science student named Dogboy21 has identified 36 vulnerable mods and has provided a fix on their GitHub page, with Minecraft server admins recommended to lock up their Echo Shards to protect against this exploit. The issue is well known in the Java community, with similar issues having already been fixed in other mods in the past.
“The Bleeding Pipe vulnerability is not new, but none have been on this scale in the Minecraft community before,” the MMPA says. “This vulnerability allows an attacker to execute remote code on the target system. Hackers have already succeeded in stealing Microsoft access tokens and browser sessions using this exploit. The possibilities for the attackers are endless, since they can execute any code on the target system.
“Minecraft server admins are advised to patch their mods to prevent against remote code execution attacks.”
The MMPA also warns that the list of affected mods provided may not be complete. Minecraft players are urged to stay updated and ensure they are not falling victim to the security risks.
Take precautions against this Minecraft mod exploit by following @TiC_Podcast on Twitter.
