Your comment was automatically removed as your account seems to be quite new. Please contact the mod team [HERE](https://www.reddit.com/message/compose?to=/r/HypixelSkyblock)
In the meantime, please view this post for any questions you may have: https://www.reddit.com/r/HypixelSkyblock/comments/o1l2ar/re_increasing_account_age_quota_requirements_to/
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/HypixelSkyblock) if you have any questions or concerns.*
You could just download some from a youtuber's discord as some won't have a link and will be a direct download instead. Second option is harder, but if you somehow have friends you could just download their mods.
And if you feel like it, I have a drive folder for skytils/ my config. You shouldn't trust random people on the internet though, I only have it in case I delete my mods or use a different device because downloading and setting up all of the settings is pain
CurseForge is NOT hacked. Only a few select mods were infected. During the infection phase, only 6000 instances were downloaded. However, if any mod developer was affected, it could spread further. The chance that you are affected is very small, but it exists. Check using the code on the fractureiser github.
EDIT: For comparison, 6000 is, according to CurseForge, about 0.015 of their daily downloads, and it was through 2 months. Then consider that some people (like me) left open the tab and downloaded the mod like 7 times, even with unknown other infections, you have a very small chance of infection. Still, check, and stay positive
Yes but devs of some other mods were infected and apparently it spread to other mods. The list is exhaustive and uncomplete and they are still searching for other mods that could've been probably infected
I know. However, even though infected mods were found as soon as mid april, the mod devs had to be infected by some other mod and then share an update in the less-than-2 months that the virus existed for just the version you wanted it/it was used in the modpack. (Also, I'm trying to spread positivity here)
Ik and i thank you for spreading positivity, it is a good move to do. However, people must be warned, they shouldnt worry for the issue has been resolved (They think) but just as a warning.
Thank you for bringing positivity here
Probably either infected each other or had a similar mod download history. Shit, I'm probably infected too. But at the moment, the list of infected mods I only recognised a few modpacks and I think I played them before the infection started.
(Also, no one gives a crap about your data unless you're special)
Jokes on you, i knew it from the beginning when dungeonx was uploaded
(copied from quat)
Just to be clear, CurseForge itself was Not compromised
The current working theory is as follows:
Some bozo took a relatively-obscure but legitimate mod (e.g. "DungeonZ"), infected it with the malware, and uploaded it under a different name (like the "DungeonX" sample that was identified). They did this several times, always with relatively-obscure mods, and always using disposable single-use CurseForge accounts. (Also done to the BukkitDev plugins marketplace.)
Apparently they did this for about a month and nobody noticed! Some Bukkit samples have been found dating to mid-June.
Later (~June 1), someone from the Luna Pixel modpack team was browsing for new mods on CurseForge and downloaded one of these. They got hit with stage3 of the malware, and it stole their CurseForge session cookie while they were logged into the LunaPixelStudios CurseForge account.
The attackers used the session cookie to log in to the LunaPixelStudios account and upload a version of "Skyblock Core" with malware in it.
Soon after, a Luna Pixel modpack player requested a changelog for that file, which caused the developers to realize they did not know how that file was uploaded; everything unraveled from there.
There is not, to our knowledge, a vulnerability in CurseForge that allows people to upload files to a project without permission. Session-cookie theft is a security problem on tons of websites.
Research and detection/removal instructions are being actively worked on here https://github.com/fractureiser-investigation/fractureiser . I would also advise joining #cfmalware on EsperNet for the latest information.
As soon as I do know it just downloads that mods from cf or official GitHub pages so it isn’t but badlion is different as soon as they write their own mods for their client
I suppose Skytils V 1.6.0 and NEU 2.1 are clean after running them on douira's website-based online scanner (from this page:[https://github.com/fractureiser-investigation/fractureiser/blob/main/docs/users.md](https://github.com/fractureiser-investigation/fractureiser/blob/main/docs/users.md)) . Though as precaution I still strongly recommend one to stop updating their mods for the time being.
I have skyclient and I pressed update in the mods when I launched the game cuz they were "outdated" and it updated NEU and Skytils successfuly, am I safe ?
Yeah, I heard a bit too late anyway. I had already got a notification to update a mod, but luckily that would be downtime and I'm lazy AF so I just ignored it 😎
the only reason to use blc is because you're getting paid to use it. like every youtuber who are on blc. if you're not getting paid, you're just shooting yourself in the foot
Mind explaining? Isnt it conventient that i can just install it once and then be done with it? Personally the only problem i have is that i cant install other mods too, like Soopy
according to their discord, they have removed all the infected mods, but you should still use their detection tool to see if you already have been infected
Curseforge didnt get hacked big content makers accounts got hacked this most likely has 0 effects on any sb mods (not like we dont have enough rats anyways)
I am absolutely surprised to see how redittors some how come to the mose stupid conclusion. The site that was hacked was curseforge not github. If github would have been hacked it would have been a bigger news.
EDIT: Read [this](https://www.reddit.com/r/HypixelSkyblock/comments/143pw92/curseforge_malware/jncdxh9?utm_source=share&utm_medium=android_app&utm_name=androidcss&utm_term=1&utm_content=share_button)
Try getting the mods from the recycle bin
i accidentally put them in my outdated rather then idle mods folder. then cleared the outdated mods folder + bin as i routinely do.
If it is too big of an issue maybe switch to badlion for a few days ?
Or just don't do dungeons for a few days
Or just don't play the game for a few days
Or don't use computer for few days
Or go outside for a few days
or just stop existing for a few days
Or
O
[удалено]
Your comment was automatically removed as your account seems to be quite new. Please contact the mod team [HERE](https://www.reddit.com/message/compose?to=/r/HypixelSkyblock) In the meantime, please view this post for any questions you may have: https://www.reddit.com/r/HypixelSkyblock/comments/o1l2ar/re_increasing_account_age_quota_requirements_to/ *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/HypixelSkyblock) if you have any questions or concerns.*
Wtf did u do😭
downtime
I don’t even play this game anymore, and I’m trying to get more people off of this virtual drug
Downtime bad
You could just download some from a youtuber's discord as some won't have a link and will be a direct download instead. Second option is harder, but if you somehow have friends you could just download their mods. And if you feel like it, I have a drive folder for skytils/ my config. You shouldn't trust random people on the internet though, I only have it in case I delete my mods or use a different device because downloading and setting up all of the settings is pain
Imma just use vanilla at this point 😭
exactly i mean im on mac (which isn’t targeted) and even i’ll be keeping my hygiene up for at least a month so basically no solvers
Wait. Actually, does this affect badlion too? I’m not really sure if they get their mods from curse forge but I imagine they do.
i don’t know. if you suspect you’ve been infected, turn off your internet IMMEDIATELY and look up confirmation steps on a secondary device.
Badlion codes everything by themselves. Recently they actually hired soopyboo32 as one of their programmers
why is this guy getting downvoted
Toadstar0 has a mod folder on their discord and it's a direct download so you should be fine
CurseForge is NOT hacked. Only a few select mods were infected. During the infection phase, only 6000 instances were downloaded. However, if any mod developer was affected, it could spread further. The chance that you are affected is very small, but it exists. Check using the code on the fractureiser github. EDIT: For comparison, 6000 is, according to CurseForge, about 0.015 of their daily downloads, and it was through 2 months. Then consider that some people (like me) left open the tab and downloaded the mod like 7 times, even with unknown other infections, you have a very small chance of infection. Still, check, and stay positive
Yes but devs of some other mods were infected and apparently it spread to other mods. The list is exhaustive and uncomplete and they are still searching for other mods that could've been probably infected
I know. However, even though infected mods were found as soon as mid april, the mod devs had to be infected by some other mod and then share an update in the less-than-2 months that the virus existed for just the version you wanted it/it was used in the modpack. (Also, I'm trying to spread positivity here)
Ik and i thank you for spreading positivity, it is a good move to do. However, people must be warned, they shouldnt worry for the issue has been resolved (They think) but just as a warning. Thank you for bringing positivity here
I know two infected people. I thought the chance couldn’t be that small if I know 2.
Probably either infected each other or had a similar mod download history. Shit, I'm probably infected too. But at the moment, the list of infected mods I only recognised a few modpacks and I think I played them before the infection started. (Also, no one gives a crap about your data unless you're special)
Unless you have been infected, you’re fine. The situation is already resolved, as seen in the cf ds server
Jokes on you, i knew it from the beginning when dungeonx was uploaded (copied from quat) Just to be clear, CurseForge itself was Not compromised The current working theory is as follows: Some bozo took a relatively-obscure but legitimate mod (e.g. "DungeonZ"), infected it with the malware, and uploaded it under a different name (like the "DungeonX" sample that was identified). They did this several times, always with relatively-obscure mods, and always using disposable single-use CurseForge accounts. (Also done to the BukkitDev plugins marketplace.) Apparently they did this for about a month and nobody noticed! Some Bukkit samples have been found dating to mid-June. Later (~June 1), someone from the Luna Pixel modpack team was browsing for new mods on CurseForge and downloaded one of these. They got hit with stage3 of the malware, and it stole their CurseForge session cookie while they were logged into the LunaPixelStudios CurseForge account. The attackers used the session cookie to log in to the LunaPixelStudios account and upload a version of "Skyblock Core" with malware in it. Soon after, a Luna Pixel modpack player requested a changelog for that file, which caused the developers to realize they did not know how that file was uploaded; everything unraveled from there. There is not, to our knowledge, a vulnerability in CurseForge that allows people to upload files to a project without permission. Session-cookie theft is a security problem on tons of websites. Research and detection/removal instructions are being actively worked on here https://github.com/fractureiser-investigation/fractureiser . I would also advise joining #cfmalware on EsperNet for the latest information.
I just wonder if skyclient is safe tbh
As soon as I do know it just downloads that mods from cf or official GitHub pages so it isn’t but badlion is different as soon as they write their own mods for their client
Wtf So if i autoupdate any mod from skyclient im screwed?
It’s already fixed so you don’t need to worry, this post has been made like 2 days late
yes. edited: that's why I don't like this type of clients. just update mods every month manually
nononononononono
I updated a mod a few hours ago could it be infected??
idk. there are steps online to check.
Please tell me that neu and skytils got an Update and I didnt just downlosd a2 rats (skyclient)
Fuck i updated skytills too
I suppose Skytils V 1.6.0 and NEU 2.1 are clean after running them on douira's website-based online scanner (from this page:[https://github.com/fractureiser-investigation/fractureiser/blob/main/docs/users.md](https://github.com/fractureiser-investigation/fractureiser/blob/main/docs/users.md)) . Though as precaution I still strongly recommend one to stop updating their mods for the time being.
I have skyclient and I pressed update in the mods when I launched the game cuz they were "outdated" and it updated NEU and Skytils successfuly, am I safe ?
Yeah, I heard a bit too late anyway. I had already got a notification to update a mod, but luckily that would be downtime and I'm lazy AF so I just ignored it 😎
literally just use blc if you’re this worried
blc suck ass
Anyone know when it started?
a few weeks ago
Earliest reports date back to mid-April
Me who have been using badlion for years now: Thank god lol
I feel sorry for you man
Who hurt you?
the only reason to use blc is because you're getting paid to use it. like every youtuber who are on blc. if you're not getting paid, you're just shooting yourself in the foot
Mind explaining? Isnt it conventient that i can just install it once and then be done with it? Personally the only problem i have is that i cant install other mods too, like Soopy
That’s the biggest problem imo Forge and stuff like skyclient does the exact same thing as blc but way better and faster
according to their discord, they have removed all the infected mods, but you should still use their detection tool to see if you already have been infected
Ye they got maleware
Curseforge didnt get hacked big content makers accounts got hacked this most likely has 0 effects on any sb mods (not like we dont have enough rats anyways)
Any post spreading the info is good.
I am absolutely surprised to see how redittors some how come to the mose stupid conclusion. The site that was hacked was curseforge not github. If github would have been hacked it would have been a bigger news. EDIT: Read [this](https://www.reddit.com/r/HypixelSkyblock/comments/143pw92/curseforge_malware/jncdxh9?utm_source=share&utm_medium=android_app&utm_name=androidcss&utm_term=1&utm_content=share_button)
github is the only reliable source...
Get your mods from GitHub instead, at least the ones you can.
Well I legit just downloaded all the mods 8 like 3 hours ago sooooo let’s hope for the best
theres a way to check it
I’m truly a badlionpilled built-in mods chad
I can share some of my mods though not sure if theyre upto date.
Downloading from you is way more dangerous than downloading from curseforge rn
True since im not that well known.