Security News > 2023 > July > Hackers exploit BleedingPipe RCE to target Minecraft servers, players
Hackers are actively exploiting a 'BleedingPipe' remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices.
BleedingPipe is a vulnerability found in many Minecraft mods caused by the incorrect use of deserialization in the 'ObjectInputStream' class in Java to exchange network packets between servers and clients.
In short, the attackers send specially crafted network packets to vulnerable Minecraft mod servers to take over the servers.
The threat actors can then use those hacked servers to exploit the flaws in the same Minecraft mods used by players that connect to the server, allowing them to install malware on those devices as well.
In a new report by a Minecraft security community, the researchers have found that the flaw impacts many Minecraft mods running on 1.7.10/1.12.2 Forge, which uses unsafe deserialization code.
MMPA says a threat actor is actively scanning for Minecraft servers on the internet that are impacted by this flaw to conduct attacks, so fixing any vulnerable mods installed on servers is essential.
News URL
Related news
- Hackers exploit ProjectSend flaw to backdoor exposed servers (source)
- Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Hackers exploit critical bug in Array Networks SSL VPN products (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)