However, despite the severity of their developer’s actions, no Magma member intervened to stop the attacks. Indeed, chat logs confirmed that they raised the alarm in Magma’s own discord. Upon discovering the source of the attacks, affected public servers and our own staff contacted moderation members of the Magma project to get their help in protecting their servers against the Log4Shell vulnerability. The stream in question was hosted in Magma’s very own public voice channels, which showcased the malicious consequences of TheDevMinerTV’s actions on servers and clients alike. We have successfully confirmed that 26 servers, and a number of clients ranging from vanilla to modded, were targeted with several payloads including shutdown code. We confirmed that TheDevMinerTV was actively teaching and exploiting the Log4Shell vulnerability against public servers, while their project lead, Hexeption, watched.
(You can read about how this affects Minecraft at this Mojang blog post. On the morning of December 10th, 2021, Magma’s developer TheDevMinerTV exploited the Log4j RCE (Remote Code Execution) vulnerability known as Log4Shell. While this post first intends to disseminate information regarding this event, we hope they explain why Magma’s breach of trust goes beyond PixelmonMod.
#Pixelmon 1.12.2 adventure server mod
The Pixelmon Mod will no longer be supporting, recommending or working with the Magma Team, a Spigot-Forge hybrid server API, for having compromised the security of modded communities online.
To read this post in document form, go to here (Pixelmon Storage) or here (Google Drive) I am Isi, representing The Pixelmon Mod, with a statement for our own community and the broader modding/Minecraft community as a whole.
0 kommentar(er)
