StevenNL2000
Forum Admin 
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Apr 18, 2018 8:34:16 GMT
blog.avast.com/minecraft-players-exposed-to-malicious-code-in-modified-skinsSomeone figured out that you can add malicious code to the image file of a skin, and that the modified file can then still be uploaded to Minecraft. Fortunately, it appears to be the work of script kiddies and not people who knew what they were doing. It's namely not easy to actually get code like this running on the target computer. According to Mojang, the malicious skins were never on the Marketplace, so only Java Edition is affected.
|
|
kunochan
Veteran Member
Posts: 407
| Likes: 123
|
Post by kunochan on Apr 18, 2018 9:10:16 GMT
Jokes on you suckers! I MAKE MY OWN SKINS!
|
|
DaddyRadlof
Full Member
i rape my own children
Posts: 153
| Likes: 41
|
Post by DaddyRadlof on Apr 18, 2018 9:28:15 GMT
Jokes on you suckers! I MAKE MY OWN SKINS! same owo |
|
xfilez
Veteran Member
paint me like one of your french girls
Posts: 2,667
| Likes: 3,303
|
Post by xfilez on Apr 18, 2018 9:50:05 GMT
Say a person did install one of these malware skins and set it up as their own through the website. What is even possible from there?
|
|
StevenNL2000
Forum Admin
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Apr 18, 2018 14:27:08 GMT
Say a person did install one of these malware skins and set it up as their own through the website. What is even possible from there? Each skin you see ingame was downloaded to your computer for that purpose, so it's quite possible that you have or have had an infected skin on your computer. It's an important point that script kiddies and not professionals are responsible, because executing the malicious code without the victim being consciously involved requires you to find an exploit in the way the image files are handled and adapt the infection to that. It's unlikely (but not impossible) that the vanilla client is exploitable like that, but you have a much higher chance with victims that need custom code for handling skins, such as computers hosting skin viewer websites. |
|
LightUk
Veteran Member
Fear cuts deeper than swords.
Posts: 1,616
| Likes: 552
|
Post by LightUk on Apr 18, 2018 15:19:15 GMT
Luckily i make my own skins, but also, i haven't changed my skin for few years now.
|
|
StevenNL2000
Forum Admin
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Apr 18, 2018 19:46:40 GMT
|
|
_Windows
Club 4000 Member
Posts: 7,881
| Likes: 9,611
|
Post by _Windows on Apr 19, 2018 13:07:32 GMT
This reminds me of when I was in an IT class, and one of the other students decided it'd be funny to share a fork bomb vbs file via the network drive. It didn't work too well, because I never run scripts without checking the code inside, and it was obviously a fork bomb.
|
|
je isnt hapi
Veteran Member
i passed physics
Posts: 1,166
| Likes: 1,552
|
Post by je isnt hapi on Apr 19, 2018 19:03:25 GMT
This reminds me of when I was in an IT class, and one of the other students decided it'd be funny to share a fork bomb vbs file via the network drive. It didn't work to well, because I never run scripts without checking the code inside, and it was obviously a fork bomb. that is amazingly funny |
|
10/01/2017: OPaS'd by 
05/06/2018: Approved by 
