"Hackers Exploit BleedingPipe RCE to Target Minecraft Servers, Players"

It has recently been discovered that hackers are actively exploiting a "BleedingPipe" remote code execution vulnerability in Minecraft mods to run malicious commands on servers and clients, allowing them to take control of the devices.  BleedingPipe is a vulnerability found in many Minecraft mods caused by the incorrect use of deserialization in the "ObjectInputStream" class in Java to exchange network packets between servers and clients.  The adversaries send specially crafted network packets to vulnerable Minecraft mod servers to take over the servers.  The threat actors can then use those hacked servers to exploit the flaws in the same Minecraft mods used by players that connect to the server, allowing them to install malware on those devices as well.  In a new report by a Minecraft security community (MMPA), the researchers have found that the flaw impacts many Minecraft mods running on 1.7.10/1.12.2 Forge, which uses unsafe deserialization code.
 

BleepingComputer reports: "Hackers Exploit BleedingPipe RCE to Target Minecraft Servers, Players"

Submitted by Anonymous on