Vulnerability in Minecraft Exposes Servers and Mod Packs
A recently discovered vulnerability puts user playing with Minecraft's multiplayer modes at risk. This is especially true for those using mod packs.
More than a decade since the release of version 1.0, Minecraft still remains an extremely popular title, attracting thousands of players every day. However, black clouds have recently gathered over the game, all due to a recently discovered vulnerability that could threaten servers and players.
"Bleeding Pipe"
MMPA (Minecraft Malware Prevention Alliance), an organization dedicated to working on improving the security of multiplayer gameplay in Minecraft, reported recently on its blog about a vulnerability dubbed "Bleeding Pipe." Properly exploited, the vulnerability is said to allow for access to a victim's computer and Remote Code Execution (or RCE).
According to MMPA, gamers and server owners using mod packages may be particularly vulnerable to attacks:
"This vulnerability has already been exploited many times and many 1.7.10/1.12.2 modpacks are vulnerable, however any other version of Minecraft can be affected if an affected mod is installed.
This vulnerability can spread past the server to infect any clients that might join, though we do not know if there is any such malware in the wild."
MMPA's post also includes a list of mods that may be susceptible to "Bleeding Pipe" vulnerability. Github user dogboy2, who managed to identify more than 30 vulnerable modifications launch an independent investigation.
Concerned Minecraft enthusiasts have also been instructed on what to do to minimize the threat from "Bleeding Pipe."
- Server owners should carefully monitor their server activity for suspicious activity and files. Temporarily excluding compromised packages from the list of supported mods, as well as installing community-created patches, may also prove helpful.
- Players who have had a recent incident on the servers are encouraged to perform a scan with an antivirus program and watch their system for suspicious activity.
More tips on how to deal with the vulnerability can be found on MMPA's website.
Not the first such case
Finally, it is worth recalling that "Bleeding Pipe" is not the first such case in recent times. Last year there was a high-profile problem related to Dark Souls servers. A security vulnerability enabled hackers to perform RCE attacks on unsuspecting players. The issue turned out to be so serious that the developers were forced to temporarily disable multiplayer gameplay.