Self-hosted Minecraft servers are facing a new ransomware threat: Khonsari

Minecraft players have been hit hard by the newest ransomware threat: Khonsari. It’s not a new plague, but it is sobering to see how far hackers can go with this type of malware when hosted on self-hosted servers. Players could be hiding behind protection from anti-virus software alone and find themselves infected at any moment. The key for security experts will now lie in connecting with hosting providers more closely so that errors like these are caught before they become widespread threats.

The “how much is a minecraft server” is a topic that has been brought up recently. It appears that there are new ransomware threats to self-hosted Minecraft servers.


Alexandru Poloboc is an author.

Editor of the News

Alex spent the most of his time working as a news reporter, anchor, and on TV and radio, with an overriding drive to always get to the bottom of things and find the truth… Continue reading


If you’re a Minecraft player who likes to run your own servers, you’ll be interested in what we have to say right now.

Microsoft is urging administrators of self-hosted Minecraft servers to update to the current version to protect themselves against Khonsari ransomware attacks that take use of the serious Log4Shell security flaw.

Last week, Mojang Studious, the Swedish video game company behind Minecraft, delivered an emergency security upgrade.

The flaw identified as CVE-2021-44228 in the Apache Log4j Java logging library (used by the game’s Java Edition client and multiplayer servers) been addressed with this updated repair software.

Microsoft is issuing a warning to Minecraft players all across the world.

When it all began, there was no indication of assaults employing Log4Shell flaws on Minecraft servers.

Microsoft, on the other hand, updated their CVE-2021-44228 advice today to warn about continued ransomware exploitation on non-Microsoft hosted Minecraft servers.

We put the safety of our players first. Unfortunately, we discovered a security flaw in Minecraft: Java Edition early today.

Although the problem has been fixed, please take the following precautions to safeguard your gaming client and/or servers. Please magnify by retweeting.

10 December 2021 — Minecraft (@Minecraft)

Hackers transmit a harmful in-game message to a vulnerable Minecraft server in cases like these, according to Redmond authorities.

This exploit uses CVE-2021-44228 to extract and execute an attacker-hosted payload on both the server and the susceptible clients connected to it.

The Microsoft 365 Defender Threat Intelligence Team and the Microsoft Threat Intelligence Center (MSTIC) were alerted as a result of this.

They discovered PowerShell-based reverse shells in business intrusions when Log4j attacks targeting Minecraft servers were used as an entry point.

The worst part is that, despite the fact that Minecraft isn’t something you’d expect to find on an enterprise endpoint, the threat actors who successfully breached one of these servers also used Mimikats to steal credentials, presumably to maintain access to the breached systems for further activity.

To update to the patched version, players who use Mojang’s official client should exit all running game and Minecraft Launcher instances and restart the Launcher, which will automatically apply the fix.

Players who are utilizing third-party launchers or customized Minecraft clients should contact their third-party suppliers for a security update.

While running your own Minecraft server, have you seen any odd behaviors? Please tell us about your experience in the comments area below.

Was this page of assistance to you?

Thank you very much!

There are insufficient details It’s difficult to comprehend Other Speak with a Professional

Start a discussion.

Watch This Video-

Related Tags

  • minecraft servers survival
  • minecraft smp servers
  • best bedrock servers

Leave a Comment

Your email address will not be published. Required fields are marked *