News
Newsroom News Breaking Comics Tags RSS
News video games 01 August 2023, 14:41

author: Adam Celarek

Vulnerability in Minecraft Exposes Servers and Mod Packs

A recently discovered vulnerability puts user playing with Minecraft's multiplayer modes at risk. This is especially true for those using mod packs.

Source: Mojang
i

More than a decade since the release of version 1.0, Minecraft still remains an extremely popular title, attracting thousands of players every day. However, black clouds have recently gathered over the game, all due to a recently discovered vulnerability that could threaten servers and players.

"Bleeding Pipe"

MMPA (Minecraft Malware Prevention Alliance), an organization dedicated to working on improving the security of multiplayer gameplay in Minecraft, reported recently on its blog about a vulnerability dubbed "Bleeding Pipe." Properly exploited, the vulnerability is said to allow for access to a victim's computer and Remote Code Execution (or RCE).

According to MMPA, gamers and server owners using mod packages may be particularly vulnerable to attacks:

"This vulnerability has already been exploited many times and many 1.7.10/1.12.2 modpacks are vulnerable, however any other version of Minecraft can be affected if an affected mod is installed.

This vulnerability can spread past the server to infect any clients that might join, though we do not know if there is any such malware in the wild."

MMPA's post also includes a list of mods that may be susceptible to "Bleeding Pipe" vulnerability. Github user dogboy2, who managed to identify more than 30 vulnerable modifications launch an independent investigation.

Vulnerability in Minecraft Exposes Servers and Mod Packs - picture #1

List of exposed modsSource: dogboy21; github.com

Concerned Minecraft enthusiasts have also been instructed on what to do to minimize the threat from "Bleeding Pipe."

  1. Server owners should carefully monitor their server activity for suspicious activity and files. Temporarily excluding compromised packages from the list of supported mods, as well as installing community-created patches, may also prove helpful.
  2. Players who have had a recent incident on the servers are encouraged to perform a scan with an antivirus program and watch their system for suspicious activity.

More tips on how to deal with the vulnerability can be found on MMPA's website.

Not the first such case

Finally, it is worth recalling that "Bleeding Pipe" is not the first such case in recent times. Last year there was a high-profile problem related to Dark Souls servers. A security vulnerability enabled hackers to perform RCE attacks on unsuspecting players. The issue turned out to be so serious that the developers were forced to temporarily disable multiplayer gameplay.

  1. Message from Minecraft Malware Prevention Alliance
  2. Github profile of user dogboy2

Adam Celarek

Adam Celarek

He has been interested in video games since an early age. He graduated film studies and new media, and defended his thesis on ludology. He started working at Gamepressure in early 2023. He is primarily a guide writer. Enthusiast of RPGs, unconventional indie games and competitive e-sports titles (mainly brawlers and MOBAs). In addition to games, he's also interested in table-top role-playing games and collectible card games. A fan of old-school technology and retro style!

more

video gamessecurity Minecraft (franchise) hackers bugs / technical problems (games) PC
Minecraft

Minecraft
RDR2 Guide Cyberpunk 2077 Guide Assassins Creed Valhalla Guide BG3 Guide Is there flashlight in Cyberpunk 2077 How to Find and Activate Hall of the Penitent in Diablo 4 Avatar Frontiers of Pandora Interactive Map BG3 Interactive Map