this post was submitted on 07 Jun 2023
2 points (100.0% liked)

Gaming

30453 readers
397 users here now

From video gaming to card games and stuff in between, if it's gaming you can probably discuss it here!

Please Note: Gaming memes are permitted to be posted on Meme Mondays, but will otherwise be removed in an effort to allow other discussions to take place.

See also Gaming's sister community Tabletop Gaming.

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
alyaza@beehaw.org
TheRtRevKaiser@beehaw.org
gyrfalcon@beehaw.org
Whom@beehaw.org
The_Hunted_One@beehaw.org
chloyster@beehaw.org
remington@beehaw.org
2
Minecraft modding platforms Curseforge and Bukkit compromised (prismlauncher.org)
submitted 1 year ago by salarua@sopuli.xyz to c/gaming@beehaw.org
9 comments fedilink hide all child comments
top 9 comments
sorted by: hot top controversial new old
[–] ANapSoundsNice@beehaw.org 2 points 1 year ago

CurseForge created a new support article with the latest known confirmed infected mods/modpacks and a tool to quickly determine if you may have acquired the infected jars

[–] grimaferve@kbin.social 0 points 1 year ago (1 children)

Curseforge with the malware again? It's not the first time I've heard this, suspect it's not the last. It seems that they specify Minecraft, which makes sense as it's a JAR game with all the vulnerabilities that brings, but could this potentially affect other games they host mods for?

At least we have Modrinth as a functional alternative in the meantime. Modrinth has been my first choice but it's still missing a lot of big-name projects.

[–] salarua@sopuli.xyz 1 points 1 year ago

for the longest time Modrinth didn't have creator monetization, so there was no way for creators to make money off of ads. that kept many modders on Curseforge, but since Modrinth implemented creator monetization months ago, modders have slowly been mirroring to Modrinth

[–] IcedCoffeeBitch@beehaw.org 0 points 1 year ago (1 children)

Funny thing is I downloaded Better MC about half an hour after this was announced... ig when I get to my PC I'll delete it. From now on I'm using Modrinth

[–] salarua@sopuli.xyz 0 points 1 year ago (1 children)

check for infection too. Fractureiser (the "official" name of the malware) has the ability to spread to other mods

[–] IcedCoffeeBitch@beehaw.org 0 points 1 year ago (1 children)

I looked up on here and holy shit. Thankfully I installed on Flatpak so my filesystem should be unaffected(the app only has read only access to downloads).

Maybe this is a good moment to clear my PC from sensitive information xD

[–] sus@infosec.pub 0 points 1 year ago* (last edited 1 year ago) (1 children)

I should stop being lazy and using nix run.

[–] IcedCoffeeBitch@beehaw.org 1 points 1 year ago

I've heard good things about Nix, but it uses systemd and I'm too stubborn to change from my Artix runit setup

[–] ch1cken@discuss.tchncs.de 0 points 1 year ago

Yet another reminder to sandbox your apps people, otherwise every app/mod u install will always be a risk and an AV should never be your main defense, https://sandboxie-plus.com/ on windows is incredibly simply to use, and on linux just install the prismlauncher flatpak and double-check its permissions via the flatseal app.