A malware campaign called ‘Fractureiser’ is spreading rapidly among Minecraft gamers, targeting modpacks and plugins, according to cybersecurity firm Bitdefender. The campaign involves compromised CurseForge and Bukkit accounts used to publish malware-infected updates without the original authors’ knowledge. The malicious mods have been included in popular modpacks that have been downloaded millions of times. The Fractureiser malware is downloaded in multiple stages and can hijack cryptocurrency transactions, steal cookies and credentials from web browsers, and exfiltrate authentication tokens. Bitdefender identified several affected mods and advised users to scan their JAR files if they have downloaded the infected mods.
Read more: https://www.infosecurity-magazine.com/news/minecraft-warned-malware-modpacks/