CurseForge Malware? Learn How To Remove “fractureiser”

We are issuing an important announcement regarding the recent compromise of CurseForge (CF) that has come to our attention. At Minecraft Shader, our primary concern is the safety and security of our users, and we want to ensure that you have the most up-to-date information to protect yourself.

Recently, it has been discovered that a security breach occurred on CurseForge, potentially impacting user accounts and mod downloads. We understand the gravity of this situation and are actively investigating the extent of the breach. Our team is working diligently to address the issue and take necessary measures to secure the platform.

How to know if you are already infected?

  1. To check for existing infections on your system, follow the steps outlined below:
    • Download the detection tool from this location [link to the tool].
    • The tool’s GitHub project can be accessed here [link to GitHub project].
    • Run the downloaded detection tool on your computer. This tool will scan your system and generate a list of detected files.
    • Example output:
  1. If the detection tool identifies any infections, please ensure that hidden files are displayed on your system. To do this on Windows, go to the top of your File Explorer window (any opened folder), click on “View,” and then check the “Hidden Items” option.
  2. Next, manually navigate to each file location mentioned in the detection results and delete those files. Specifically, look for the “Microsoft Edge” folder (with a space in the name) and delete it. Note that the legitimate Edge folder does not have a space in its name.

In addition to these steps, if you were found to be infected, we strongly recommend taking further precautions:

  1. Run independent malware scanning tools on your system to ensure thorough detection and removal.
  2. Change important passwords that you have used on your system as an extra safety measure.

To detect any dormant or other infected mods/Jar files, follow the steps below:

  1. After completing the previous steps, run the Jar Malware Scanning tool. You can access the tool from this link [link to the tool]. The tool’s GitHub page is available here [link to GitHub project].
  2. Run the Jar Malware Scanning tool even if you were not found infected in the previous step.
  3. Use the tool to scan all folders that contain Minecraft mod Jars installed on your system.
    • Click on “Browse” and select a folder that contains the Jar files, then click on “Scan.”
    • This will check the selected folder and its sub-folders for any infected files.

If the scanning tool detects any infected files, a message will be displayed indicating their presence. In such cases, delete the identified Jar file(s) accordingly. Ensure that you cover all folders on your system that contain Mods/Packs for Minecraft.

By following these steps, you can proactively detect and remove any potential infections on your system, ensuring a safer environment for your Minecraft gameplay.

Updated List of Confirmed Infected Mods

List of confirmed mods that were infected but have now been fixed.

  1. Buried Barrels
  2. Sky Villages [Forge/Fabric]
  3. Simply Houses
  4. When Dungeons Arise -Forge/Fabric
  5. Skyblock Core
  6. Prominence [FORGE]
  7. Medieval MC [FORGE] – MMC3
  8. Better MC [FORGE] – BMC3

Projects that are infected and taken down permanently:

  1. Golem Awakening
  2. Phanerozoic Worlds
  3. Autobroadcast
  4. Museum Curator Advanced
  5. Vault Integrations (Bug Fix) *Note – Not the Modpack Vault Integrations
  6. AmazingTitles
  7. dungeonx * Note – Not DungeonZ
  8. HavenElytra
  9. DisplayEntityEditor
  10. The Nexus Event Custom Event
  11. SimpleHarvesting
  12. McBounties
  13. More and Ore advanced
  14. Easy Custom Foods
  15. AntiCommandSpam Bungeecord Support
  16. UltimateLevels
  17. AntiRedstoneCrash
  18. hydrationPlugin
  19. NoVPN
  20. Fragment Permission Plugin
  21. Anti ChatReport
  22. Additional Weapons+
  23. UVision ENHANCED(server pack only)
  24. UVision Server(server pack only)
  25. UVision LITE (server pack only)
  26. Create: Diesel and Oil Generators
  27. Ultra Swords Mod
  28. Simple Frames
  29. AntiCrashXXL
  30. Skelegram – The Skript Telegram Addon!

If you have any of the modpacks mentioned above, we strongly advise you to ensure that you have the latest version of the modpack installed. The necessary fixes have been made available, and any infected files have been deleted.

Last Updated: 06/08/2023 09:34 UTC

How to Pootect you CurseForge Account?

In light of this event, we strongly advise all users who have downloaded mods from CurseForge between the dates of [specific date range] to take immediate action. Here are the recommended steps:

  1. Change your passwords: It is crucial to change your CurseForge account password immediately. Additionally, if you have used the same password for other platforms or services, we recommend changing those passwords as well to maintain account security across all your online activities.
  2. Run antivirus scans: Perform a thorough scan of your computer or device using reputable antivirus software to detect and remove any potential malware or viruses that may have been downloaded along with the compromised mods.
  3. Be cautious of suspicious activities: Remain vigilant for any unusual or suspicious activities related to your CurseForge account, such as unauthorized access, unfamiliar changes in settings, or unfamiliar mod downloads. If you notice anything suspicious, report it immediately to the Prism Launcher support team.
  4. Enable two-factor authentication (2FA): If available, enable two-factor authentication for your CurseForge account. This adds an extra layer of security by requiring a verification code in addition to your password for account access.

Conclusion

Please be assured that we take the security and privacy of our community seriously, and we apologize for any inconvenience caused by this incident. If you have any further questions or require assistance, don’t hesitate to reach out to the appropriate support channels provided by CurseForge.

Thank you for your understanding and cooperation as we work together to maintain a secure environment for the Minecraft community.

Sincerely,

The Minecraft Shader Team

You Might Also Like

Up! September 26, 2024

How to Install Minecraft Shaders 1.21.1? [Updated Tutorial]

In this tutorial, I will teach youย how to install Shaders on Minecraft 1.21.1 usingย OptiFine. Have you ever thought about having more beautiful graphics in Minecraft? Of course, the graphic creativity of the game

Up! September 26, 2024

How to Install Optifine for Minecraft 1.21.1?

There are numerous advantages of installing the Optifine 1.21.1 in the Minecraft game to optimize its performance. The features involved in its application range from implementing AdvancedOpenGL for fasting, turning off light lighting, fog, animations,

Up! September 26, 2024

How to Download & Install Java for Optifine

Download and install Java for Optifine is easy and free. There are a few ways through which you can get Java on your computer. How to Download Java? There are two methods of

New September 26, 2024

Error Installing OptiFine: A Java Exception has occurred

Encountering a Java exception during OptiFine installation can be a perplexing moment for Minecraft enthusiasts eager to enhance their gaming experience. This error signals a problem with the installation process, but don’t worry

New September 26, 2024

How to Install Shaders on Bedrock Edition – New Deferred Lighting

Minecraft now offers built-in shader support, eliminating the requirement for external mods or plugins. The introduction of a new graphics engine aims to revitalize Minecraft’s visuals, enhancing the player experience. Notably, this feature

New September 26, 2024

Minecraft RTX: Shaders for Minecraft Windows 10 Edition

Minecraft RTX is the way for Windows 10 users to play with Shaders and have Ultra-Realistic Graphics. There is no doubting the fact thatย Minecraft RTXย has been making lots of headlines in recent times.