Skip to content

Spanish translation fork - Information about the fractureiser malware

License

Notifications You must be signed in to change notification settings

C4rluX/fractureiser

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

fractureiser logo

Pardon our dust, documentation still in progress

简体中文版本见此

What?

fractureiser is a virus found in several Minecraft projects uploaded to CurseForge and BukkitDev. The malware is embedded in multiple mods, some of which were added to highly popular modpacks. The malware is only known to target Windows and Linux.

If left unchecked, fractureiser can be INCREDIBLY DANGEROUS to your machine. Please read through this document for the info you need to keep yourself safe.

We've dubbed this malware fractureiser because that's the name of the CurseForge account that uploaded the most notable malicious files.

What YOU need to know

If you're simply a mod player and not a developer, the above link is all you need. It contains surface level information of the malware's effects, steps to check if you have it and how to remove it, and an FAQ.

Anyone who wishes to dig deeper may also look at

I have never used any Minecraft mods

You are not infected.

Current Investigation Status

We have a good idea how fractureiser works, from Stages 0 to 3. There are certain unknowns, but the attack servers are offline and to our knowledge, new infections are not possible. Old infections may still be active.

User-facing documentation is more or less finished. We're working with community members to get it translated into other languages to further spread awareness.

Follow-Up Meeting

On 2023-06-08 the fractureiser Mitigation Team held a meeting with notable members of the community to discuss preventive measures and solutions for future problems of this scale. See this page for the agenda and minutes of the event.

Additional Info

If you have files relevant to this malware, please upload them to https://wormhole.app and email the URL to fractureiser@unascribed.com — anything sent to it will be shared with the rest of the team. If you need to get in touch more generally, please send mail to jaskarth4@gmail.com.

If you copy portions of this document elsewhere, please put a prominent link back to this GitHub Repository somewhere near the top so that people can read the latest updates and get in contact.

The only official public channel you may join without being personally invited that's run by the same team that wrote this writeup is #cfmalware on EsperNet IRC. Joining an IRC channel will expose your IP address.

Do not ask for samples. If you have experience and credentials, that's great, but we have no way to verify this without using up tons of our team's limited time. Sharing malware samples is dangerous, even among people who know what they're doing.


- the fractureiser Mitigation Team

About

Spanish translation fork - Information about the fractureiser malware

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Java 100.0%