A vulnerability was found in Minecraft mods. It allows hackers to steal data
![](data:image/svg+xml;utf-8,<svg xmlns="http://www.w3.org/2000/svg" width="1600" height="1200" />)
Minecraft is one of the most popular games of the XXI century, during which both adults and children spend tens and hundreds of hours. For many, of course, official content alone is not enough, so they install various modifications. It turned out to be dangerous.
![](data:image/svg+xml;utf-8,<svg xmlns="http://www.w3.org/2000/svg" width="960" height="404" />)
Experts from the Minecraft Malware Prevention Alliance (MMPA) discovered the BleedingPipe vulnerability in a number of mods, mainly based on Forge. It allows hackers to run remote execution of arbitrary code - with this you can, for example, access users' personal data. The Loup was found in:
• EnderCore;
• LogisticsPipes;
• BDLib 1.7-1.12;
• Smart Moving 1.12;
• Brazier;
• DankNull;
• Gadomancy.
Server owners are recommended to check the directories for the content of suspicious files and refuse to use the above-mentioned modifications until their authors get rid of the problem. Ordinary gamers can also scan the .minecraft directory just in case using jSus or jNeedle utilities - the vulnerability is shown as an error with ObjectInputStream serialization in Java.
1 comment