What happened?


Following reports that we received we found that a malicious user has created several accounts and uploaded projects containing malware to the platform. We have banned all accounts relevant to this.


In collaboration with the author community, the CurseForge team has undertaken a thorough investigation to address this issue promptly and ensure that such malicious actions are prevented from happening in the future. Our primary objective is to provide a swift resolution and implement preventive measures.


This article will provide you with instruction on how to use a detector tool that will help you identify if your computer has been infected.


How do I know if I am infected?


There are 2 possibilities

  1. You may have downloaded an infected mod but haven’t run it yet (i.e. launched the mod in Minecraft). You can find a list here[ANCHOR] that will be continuously updated as more projects are found for containing this malicious code. In that case you are still safe and all you need to do is delete the mod using the CurseForge client.

  2. If you have already run an infected mod, or if you want to check to be safe, download the detection tool from here[LINK] and run it. GitHub project can be found here [LINK].


What to do if the detection tool says I am infected?

If you’ve run the detection tool mentioned above and was found to be infected, please proceed with the following steps:


  1. The tool will provide a list of the files detected on your PC. See example below:



  1. If you’re sure that these are not files you intentionally placed there, simply go to each file destination and delete those files.

  2. You can re-run the tool after deleting the files to be sure nothing else is found.



Live list of confirmed mods that were infected (Last Updated - 06/07/2023 13:00 UTC)

Projects that were infected and are now fixed:

  1. Most of the projects from LunaPixelStudios - It is advised to ensure that you have the latest version of any modpack, as the necessary fixes should already be available for those modpacks.


Projects that are infected and taken down permanently:

  1. Golem Awakening

  2. Phanerozoic Worlds

  3. Autobroadcast

  4. Museum Curator Advanced

  5. Vault Integrations (Bug Fix)

  6. AmazingTitles

  7. dungeonx

  8. HavenElytra

  9. DisplayEntityEditor

  10. The Nexus Event Custom Event

  11. SimpleHarvesting

  12. McBounties

  13. More and Ore advanced

  14. Easy Custom Foods

  15. AntiCommandSpam Bungeecord Support

  16. UltimateLevels

  17. AntiRedstoneCrash

  18. hydrationPlugin

  19. NoVPN

  20. Fragment Permission Plugin

  21. Anti ChatReport

  22. Additional Weapons+

  23. Just Enough Ingots