If you are a Minecraft player and made a habit of hosting your own servers, you will surely want to hear what we have to say right now.

  • Minecraft players are now targeted by a group of international hackers.Microsoft warns about hackers spreading the Khonsari ransomware.Apparently, malicious third parties target self-hosted Minecraft servers.Updating to the latest version of the official game will help you in this.

Redmond tech giant Microsoft urges admins of self-hosted Minecraft servers to upgrade to the latest release to defend against the Khonsari ransomware attacks exploiting the critical Log4Shell security vulnerability.

The Swedish video game developer that created Minecraft, Mojang Studious, released an emergency security update last week.

This new repair software was issued to address the bug tracked as CVE-2021-44228 in the Apache Log4j Java logging library(used by the game’s Java Edition client and multiplayer servers).

Microsoft is warning Minecraft users everywhere

When this all started, there was no mention of attacks targeting Minecraft servers using Log4Shell exploits.

However, Microsoft updated its CVE-2021-44228 guidance today to warn of ongoing exploitation to deliver ransomware on non-Microsoft hosted Minecraft servers.

Redmond officials also said that in situations like this, hackers send a malicious in-game message to a vulnerable Minecraft server.

Player safety is the top priority for us. Unfortunately, earlier today we identified a security vulnerability in Minecraft: Java Edition.

The issue is patched, but please follow these steps to secure your game client and/or servers. Please RT to amplify.https://t.co/4Ji8nsvpHf

— Minecraft (@Minecraft) December 10, 2021

This action exploits CVE-2021-44228 to retrieve and execute an attacker-hosted payload on both the server and on connected vulnerable clients

This triggered the Microsoft 365 Defender Threat Intelligence Team and the Microsoft Threat Intelligence Center (MSTIC) to get involved.

Upon a closer look, they also observed PowerShell-based reverse shells deployed in enterprise breaches where Log4j exploits targeting Minecraft servers were the entry point.

And, the worst part is that, although Minecraft is not something one would expect to find installed on an enterprise endpoint, the threat actors who successfully compromised one of these servers also used Mimikats to steal credentials, likely to maintain access to the breached systems for follow-on activity.

So, in order to upgrade to the patched version, gamers using Mojang’s official client are advised to close all running game and Minecraft Launcher instances and restart the Launcher to install the patch automatically.

Players that are using modified Minecraft clients and third-party launchers should reach out to their third-party providers for a security update.

Have you observed any peculiar behaviors while hosting your own Minecraft server? Share your experience with us in the comments section below.

If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

Still having issues? Fix them with this tool:

SPONSORED

  • Minecraft Issues

Email *

Commenting as . Not you?

Comment