What is CurseForge?
CurseForge is the largest online video game modification CDN (content distribution network). It hosts over 500,000 mods for games such as World of Warcraft, Stardew Valley, and Minecraft. Formerly owned by Twitch, the website is currently under the management of the Overwolf development platform, allowing users to explore and download game mods either through the web or via a desktop app.
Is CurseForge safe to use?
Many users consider CurseForge the safest and most trusted source for online video game mods. The website hosts a vast community of gamers and mod enthusiasts and even allows users to download mods using a desktop app, simplifying the browsing experience. In addition, the mods on CurseForge are subject to automated checks and manual reviews to reduce the chance of potential malware.
However, despite its approach to cybersecurity, CurseForge is a website that provides user-generated content. This means that the platform risks exposing itself to cybersecurity threats through malware posted by malicious actors. CurseForge has faced cyber threats before, including malware hidden in some user-uploaded mods, with Fractureiser being the most notorious CurseForge incident.
What was the cybersecurity incident related to CurseForge?
The latest cybersecurity incident related to CurseForge occurred in July 2023. It involved the distribution of malware through several popular Minecraft mods that users downloaded from CurseForge and Bukkit (another trusted CDN). As it turned out, malicious actors uploaded mods with malware (later named Fractureiser) capable of system compromise, credential theft, and further spread of the malware by infecting other mods or software.
Despite its quick discovery, CurseForge estimated that Fractureiser managed to slip into more than 6,000 computers, causing potential data breaches, unauthorized access to user accounts, and compromised systems. Although CurseForge was quick to remove the malware and alert users of the threat, the incident exposed the lack of strong security measures on CDN sites.
It’s also important to mention that CurseForge worked closely with security researchers and the modding community to identify and eliminate the Minecraft CurseForge threat. The role of the community and the platform’s proactive and honest approach aided in mitigating the damage to CurseForge users.
What were the dangers of downloading infected files from CurseForge?
Upon closer inspection, the dangers of downloading infected CurseForge files posed serious cyber threats. While hiding in Minecraft’s Java archive files (commonly known as JAR files) Fractureiser malware could quietly steal cookies, hijacking browser sessions and snatching sensitive data. In addition, the malware’s capabilities included system data exfiltration, open remote access for malicious users, and the ability to slow down the system and alter its settings.
Exposure to Fractureiser meant data breaches that could result in risks of online gaming, identity theft, financial loss, and account takeover.
Is CurseForge still compromised?
After the Fractureiser incident, CurseForge took additional security measures to reduce potential future damage and improve its cyber defenses. The platform has been vocal about its quest to mitigate damage and provide a safer CDN platform via social media and its website’s support page.
However, if you wonder whether CurseForge is safe again, the answer remains “unlikely.” According to some community forum members, you can still encounter infected files while browsing CurseForge. Therefore, you should always be extra careful when downloading files, even if relatively trustworthy sources provide them.
How to stay safe on CurseForge
Staying safe on CurseForge (or on any other website, for that matter) requires vigilance. However, in addition to being meticulous with your mods, you can also take these extra steps to safeguard yourself against malware:
- Carefully review and update your downloaded mods. Updating any kind of software is one key step in maintaining its safety. However, before updating your mods, be sure to carefully check the patch notes to avoid updating them with malware.
- Read reviews before downloading modifications. Modding communities tend to dissect every detail from every mod and update. Make sure to read the reviews from trusted sources before downloading the modification.
- Scan files for viruses. Using additional virus prevention tools can be a real extra lifeline in case of a malware mod. Scan downloaded files for viruses before opening them to protect your system.
- Download files from trustworthy or creators’ sites. Official sources are your best bet, so make sure to download mods directly from their official site or trusted sources. And even then, be cautious, check the reviews, and scan the files before opening them.
- Use a VPN. While it’s more of a privacy tool, a VPN can safeguard your online connection. Using a service such as NordVPN will grant you access to the Threat Protection Pro™ feature that scans downloaded files for malware and blocks access to pages with malicious content. You can also use a VPN to safeguard your Minecraft server from unwanted snoopers.
Online security starts with a click.
Stay safe with the world’s leading VPN