Minecraft Viki (video wiki) ➜ https://minecraft.viki.gg
Keep yourself safe!
Want more? Check here…
-=Socials=-
Second Channel: @LunarVods
Twitter: https://twitter.com/Cygnus_MC
Discord: https://discord.gg/MDtfugqu5w
Want acces to the full interview and support my work?
Join the Patreon: https://www.patreon.com/CygnusMC
Thumbnail by: https://twitter.com/ApollyonX69
Pebble art by: https://midnightmorpha.carrd.co/
-=Summary=–
Bleeding Pipe, the newest exploit in minecraft 1.12.2 (and above), is as dangerous as the Log4J incident, and has already stolen Discord, steam and Minecraft accounts! The MMPA and serializationisbad has brought out statements, but put millions at risk, and meanwhile people where getting outrage about a stupid EULA changing. Ive tracked down and talked to one of the first people to get exploited @yoyoyopo5 and had him for an interieuw! Be sure to install PipeBlocker.
#log4j #bleedingpipe #minecraft
-=Timestamps=-
None
-=Credit&Sources=-
Mmpa on Bleedingpipe:
https://blog.mmpa.info/posts/bleeding-pipe/
SIB on Bleedingpipe:
https://github.com/dogboy21/serializationisbad/tree/master
Java ObjectInputStream:
https://docs.oracle.com/javase/8/docs/api/java/io/ObjectInputStream.html
Yoyoyopo’s Twitch:
https://www.twitch.tv/yoyoyopo5
Footage by ItsDrowned
https://www.twitch.tv/itsdrowned
source
BEFORE YOU COMMENT READ THIS:
– Corrections
*THIS DOES NOT AFFECT SINGLE-PLAYER WORLDS, OR WHITELISTED SERVERS
*This was not a zero day: While it was the first time a minecraft server was exploited, this has been known in java for years as Mad Gadget.
*The MMPA are not as bad as i made it out to be: The MMPA and SIB apearently had some disagreements and arguements, causing me to sadly critizise them undeserved, these are good folks with the right intention.
*Rusenon, while shown in the video as an acomplice, could just have been an hacked account.
*OIS is a legitimate Java Class with real use cases, if used properly
I wonder if this streamer understands u have to talk I N T O a mic
Is sky factory 4 vulnerable
breeding pipe? sorry, breeding pipe? sorry, breeding pipe? sorry, breeding pipe? sorry, bleeding pipe?
Question, if I play modded minecraft, but in singleplayer, can I be a victim of this exploit?:
So wait, if I’m just playing single player, am I safe?
Quick question. Does this mean that if you play singleplayer, you're safe?
Im genuinely aksing because im not sure
This is another good reason to use a whitelist on servers used for friends only
Time to play Vintage Story instead lads.
is it safe to play atm?
I already got the mods I need and dont plan on connecting my PC back to the internet anytime soon.
Microsoft cant force me to have an internet connection to play minecraft if I never connect to the internet and allow them to update everything.
Wait, "again"? I didn't know that modded Minecraft ever became safe again. How long has fracturizer been a non-issue?
Not taking a possible RCA seriously it's like… The stupidest thing to do
Especially with serialization.
Don't get me wrong, i absolutely understand the devs neglecting obsolete software but…
Like is not that hard to check/sandbox what you got from the serialized packet(/file or whatever you're using)
Wait so this only affects modded minecraft servers? So if ur playing singleplayer you should be fine?
Its bad that youtubers are spreading this exploit since its meant to be kept hidden as it was for a long time until that website leaked it
Another reason to just not play java anymore and switch to bedrock permanently
Can I play on private servers? Open to lan?
Only confirms my belief that discontinuing the legacy console editions was a huge mistake.
Good thing console edition doesn’t let you install mods, at least not easily. I have over a year’s worth of work on one world on there. Losing that would mentally destroy me.
when not having any friends and being alone actually helps you for once:
More and more I feel like playing this game less. It's been a year since I was enjoying playing. But now I just feel bad playing a game like lol
At this rate, I'm never going to play minecraft with mods again-
I'm fkn paranoid about all that's happening
Are big servers, like hypixel also affected with this vulnerability
This is one of the reasons why more stuff needs to be open-sourced. Even if the original developer is done with the project, other people may fork it and maintain it way past its lifetime, including for archaic versions of Minecraft too.
Are Hypixel SB mods still safe to use? Is Hypixel even safe to play on now? HELP 🙁
If someone hacks my discord account they can keep it. I have 2 step authentication on steam and anything that I've spent money on so they aren't going to get into those.
Not surprised honestly, with Microsoft doing their damnedest to control and monetize every aspect of minecraft, the fact we still haven’t settled on one mod launcher to use going forward, and the fact the community has gotten quite divisive in the past few years I wouldn’t be surprised if we suffer a few more attacks before Microsoft comes out with their own paid mod system as a “safe alternative” and sponsors enough of these attacks you can’t play modded minecraft safely anymore at all
Good thing I play unmodded Minecraft
That's actually scary what- I always have 2FA on all my accounts because I"m terrified of stuff like this. Geez. Good on you for getting the information out there, mate. 👍