[Fractureiser] Powerful new malware circulating, but not detected by BitDefender

Recently, a highly sophisticated piece of malware has been infecting numerous PCs with executable Java binary files (.JAR files). Infesting mainly users of the Minecraft game, this virus is very sophisticated as it is able to replicate itself and infect all jar files on the user's computer. It was discovered less than 10 days ago. The virus has a very vicious installation process. Indeed, Minecraft users can modify their gaming experience by downloading mods created by independent individuals, who distribute them on the Internet, notably on the online Minecraft modding platforms curseforge.com and modrinth.com. The problem is that this malware masquerades as Microsoft Edge and steals banking information/web browser cookies/Discord/Cryto accounts. The problem with this malware is that it replicates itself in every .jar on people's machines and if a mod developer shares an infected jar it can infect many other computers. I've done my own tests with the virus on a secure environment (isolated virtual machine) and Bitdefender detects absolutely nothing) it lets all requests from this virus through. I therefore ask the community to be extremely vigilant and I ask the person who administers BitDefender to work as quickly as possible on a recognition of the malware.

If you're interested in this disease and want to know how to detect it and how it works, I've attached some resources that talk about it in detail... Tools have been proposed by Curse forge team to find out if you are infected, it would be appreciated if Bitdefender could add this check.

Curse Forge Article : https://support.curseforge.com/en/support/solutions/articles/9000228509-june-2023-infected-mods-detection-tool/?locale=fr#What-happened?

Github which discusses the malware in detail and how it works : https://github.com/fractureiser-investigation/fractureiser

Kaspersky Article : https://www.kaspersky.fr/blog/curseforge-compromised-fractureiser/20695/

Tagged:

Comments