Description

ferium (and all mod-updating software) should warn the user about the ongoing malware incident of fractureiser or even block any and all access to curseforge and modrinth for the time being.

It should be noted that ferium and indirectly any updating software is not to be accused of malware spreading, but the storage hosts (curseforge). I hope the team can help inform users fast to limit the spread.

Steps to reproduce

1. Use ferium or any mod-downloader (even GDlauncher)
2. Download any infected mod
3. Reboot without knowledge of the malware's presence
4. Your computer is infected. Discord tokens, Microsoft credentials, Minecraft credentials, and even login info cookies from your browser have been stolen. (This is a non-exhaustive list of what fractureiser does)

Operating System

Windows

Are you using the latest version of ferium?

• I am using the latest version of ferium

Additional Information

MODRINTH IS AS COMPROMISED BY THIS AS CURSEFORGE. THIS IS WHY I RECOMMEND WARNING USERS OR EVEN BLOCKING ACCESS.

FAQ of the fractureiser investigation mentions this:

Is Modrinth safer?
This isn't a website-level issue, Modrinth is just as safe as CurseForge is.
(https://github.com/fractureiser-investigation/fractureiser/blob/main/docs/users.md#is-modrinth-okay)

I made an announcement minutes after receiving notifications on Discord at #337. CurseForge has resolved the issue by deleting all infected files and banning users who specifically made mods with infected files. Modrinth has already scanned every file since the beginning and have found no infected files. Both websites now have measures in place to detect infected files being uploaded. When I was first alerted of this, I refreshed my CurseForge API key so that unless you had a custom one, you could not use ferium's CurseForge functionality.

Reboot without knowledge of the malware's presence

The malware only works if you run the infected mod.

Noted, sorry for the accidental fearmongering.

ahh no problem, it's better to let me know