CurseForge, a popular gaming platform that offers various video game modifications and add-ons, has taken steps to address the threat of Fracturizer, a worm virus found in Minecraft mods. This virus has been labeled “extraordinarily perilous” and, according to researchers, any devices infected by it should be deemed entirely compromised by the threat actors responsible for its creation.
Fracturizer has been discovered embedded within several popular Minecraft modpacks, which allow players to easily switch between multiple mods, enhancing their gameplay experience. However, the convenience of these modpacks has come at a cost, as the malware exploits the mechanism to spread quickly and infect as many devices as possible.
GitHub contributors analyzing the Fracturizer GitHub repository have uncovered malicious files dating back several months, with some files allegedly from as far back as 1999, an unusual aspect within the CurseForge platform. GitHub has disclosed that a command-and-control server linked to Fracturizer has been successfully suspended by its hosting provider, which has significantly impeded the Malware’s ability to communicate with compromised systems.
In an attempt to address concerns and reassure its user base, CurseForge issued a statement on June 7th, 2023, emphasizing that the platform itself remains uncompromised. The platform also released a tool to detect infected mods and has suspended accounts associated with the malware while assuring its community that a resolution is actively being pursued. The modders have also published a set of instructions to identify potential exposure to Fracturizer and guide users on detecting indicators of compromise and implementing mitigation measures promptly.
Despite these remedial actions, Minecraft players are advised to remain cautious and refrain from engaging with suspicious modpacks or plugins. This incident serves as a stern reminder of the ever-present cyber threats lurking in the digital realm and highlights the importance of maintaining robust cybersecurity practices.
This news follows a recent report by HackRead, which showed that Minecraft has been declared the most malware-infected game. Minecraft players have been urged not to download any new mods or plugins until cybersecurity experts can uncover a remedy for the rapidly spreading malware that is causing havoc within the game.
The threat of Fracturizer follows in the footsteps of other gaming malware, such as SeroXen RAT, which has been used to target gamers recently. Hackers are also remotely interrupting GTA Online PC gameplay, and gaming firms, community members are being hit by the Dark Frost Botnet. In another instance, fake ROBLOX, Nintendo game cracks have been found to drop ChromeLoader malware.
As the gaming industry continues to grow, so do the risks of cyber threats. It is imperative for gamers and gaming platforms to take cybersecurity seriously and work towards preemptive measures to prevent and counter such threats.