Malware Infected Mods on CurseForge

Firstly, UltraServers has not been infected and is not compromised in any way, shape, or form. But, as a company we are conscious about the security of our users, and with the latest incident regarding CurseForge we want to make sure that our community is aware of what is going on.

A couple of days ago, it was announced that some mods and projects hosted by CurseForge were infected by malicious malware. So, this blog post will be a short summary of what’s happened and how you can make sure you’ve not been affected.

What Happened?

A malicious user had created multiple accounts on CurseForge and uploaded mod projects that included malicious malware.

Furthermore, one of the users connected to Luna Pixel Studios (LPS) had been hacked and the hacked account was also used to upload similar malware.

Since this happened, CurseForge has banned or disabled all accounts related to this incident. They’ve also made it very clear that CurseForge is not compromised, and no admin accounts were hacked.

What Should I Do?

There are reports of malicious plugins and mods as early as May 22nd. If you’ve downloaded and installed anything from CurseForge from that day or going forward, you should take action and check if you’ve been infected.

By following this link, you will find a list of which projects that have had malicious malware included. You will also find a tool that you can use to check if you’ve been infected.

For even more information on the topic, you can follow the links below:

https://github.com/fractureiser-investigation/fractureiser

https://prismlauncher.org/news/cf-compromised-alert/

https://support.curseforge.com/en/support/solutions/articles/9000228509-june-2023-infected-mods-detection-tool/

Conclusion

As we mentioned in the beginning of this blog post, we take security very seriously and want to make sure our users are safe and sound. That’s why we’ve decided to publish the blog post even though it is not at all related to UltraServers and our services.

We hope you found this information to be useful, and hopefully it helped you to remove any malware if you’ve been infected by it. Take care, and be safe!

Posted

in

by

varg