Minecraft server s better lock up their Echo Shards because this newsroom is about to get deep and dark. According to the Minecraft Malware Prevention Alliance (MMPA)—yep, that's a thing—s have spotted a vulnerability affecting a whole lot of Minecraft servers, citing many popular mods able to be exploited by hackers looking to take over players' machines.
"This vulnerability is well known in the Java community, and has been fixed before in other mods," the MMPA blog post notes (via Tom's Hardware). It's not a new thing, then. Though the post makes it clear that "none have been of this scale in the Minecraft community."
One Computer Science student, known as Dogboy21 on GitHub, spotted something like 36 mods that are vulnerable to the so-called Bleeding Pipe exploit. They warn that, right now: "It is completely dangerous to play with unpatched mods currently."
"Attackers already attempted (and succeeded in some cases) Microsoft access token and browser session steals. But since they can literally execute any code they want on a target system, the possibilities are endless."
Best SSD for gaming: Get into the game ahead of the rest.
The exploit utilises a Java deserialization attack/gadget chain that's able to take advantage of "unsafe use of the Java serialization feature in network packets sent by servers to clients or clients to servers."
Thankfully Dogboy21 (what a name) has been working together with other helpful s to offer a fix on their GitHub page.
Mods such as EnderCore, AetherCraft mode, LogisticsPipes, Immersive Armors and ttCore are just a few of those affected, though the Git page warns s to "KEEP IN MIND THAT THIS LIST IS DEFINITELY NOT COMPLETE", beside the (mostly) full list.
