Minecraft Mods Malware (Fractureiser) Explained

If you use Minecraft mods regularly, you need to know this. Fractureiser is a malware that has been uploaded to some projects on Curseforge and users of particular mods are confirmed to be infected. Here’s what you need to know about detecting if you are infected and how to find out if there are other infected mods or jar files.

Note: This malware has only affected PC and Linux and not Mac. But we recommend Mac users still look up more information related to this.

Which Minecraft Mods are affected by Malware in June 2023?

There are some projects that are infected and taken down permanently while some that are fixed. The list is mentioned on the official support page of Curseforge.

The ones listed as ‘permanently taken down’ are as follows:

  • Golem Awakening
  • Phanerozoic Worlds
  • Autobroadcast
  • Museum Curator Advanced
  • Vault Integrations (Bug Fix) *Note – Not the Modpack Vault Integrations
  • AmazingTitles
  • dungeonx * Note – Not DungeonZ
  • HavenElytra
  • DisplayEntityEditor
  • The Nexus Event Custom Event
  • SimpleHarvesting
  • McBounties
  • More and Ore advanced
  • Easy Custom Foods
  • AntiCommandSpam Bungeecord Support
  • UltimateLevels
  • AntiRedstoneCrash
  • hydrationPlugin
  • NoVPN
  • Fragment Permission Plugin
  • Anti ChatReport
  • Additional Weapons+
  • UVision ENHANCED(server pack only)
  • UVision Server(server pack only)
  • UVision LITE (server pack only)
  • Create: Diesel and Oil Generators
  • Ultra Swords Mod
  • Simple Frames
  • AntiCrashXXL
  • Skelegram – The Skript Telegram Addon!

How to Detect & Find Out if you have got the Malware?

  • First, run the anti-malware tool that may already be installed on your PC.
  • Next, download the detection tools for Windows and Linux and run them. Here’s the github link.
how to detect hidden malware files minecraft mods
Image source: Curseforge support
  • Once the malware is detected, ensure you display hidden files as well. The option will be in your File Explorer > View Menu > Hidden Items.
  • Make sure to delete each and every malware file.
  • The official support page of Curseforge suggests that you need to delete the Microsoft Edge folder (the name will have a space in it) completely because this is made by malware. The genuine Edge folder won’t have a space in its name.
  • Also, run the Jar Malware Scanning tool to check whether any Jar files have been infected. Once the scan is done, delete the Jar files that are problematic.

So if you use Minecraft mods daily, you need to take action immediately and detect if your PC is affected. We would suggest that even when this situation clears in the future, these malware and virus checks need to be done regularly.

What is Fractureiser Malware?

It’s a virus that has been found in many Minecraft projects that are available on Curseforge. Many famous modpacks have been affected and it’s crucial that users spring into action and use the detection tools. It is named Fractureiser because that’s the name of the account that has uploaded the malicious files, as mentioned on the gitbhub page of fractureiser investigation.

If you are affected, make sure to keep checking updates on the official Curseforge and Github pages linked above because the investigation is still ongoing at the time of writing this article.

Those who want to stay safe – avoid downloading any Minecraft mods for a while. That’s because the full extent of this malware is not yet known.

If you have played mods in the last few months and want to know how to stay safe, they recommend not to launch Minecraft at all, even the vanilla version. Head over to Reddit for further discussions about the Minecraft Mods malware with other users.