Minecraft Mod Malware Deletes Decade Old Discord Servers

Players installing shared modpacks from friends or Discord are losing Microsoft and Discord access with hackers bypassing 2FA to nuke long running communities. Fresh victim reports this week show the attack is still claiming servers built over 10 years.

If you jumped on a Minecraft modpack sent by an old friend or random Discord contact in the last few days stop and check your accounts. A string of fresh incidents shows trojanized modpacks are actively stealing logins for both Minecraft Microsoft accounts and connected Discord profiles.

The pattern is consistent. A user gets a message offering a modpack for a private server or fun project. They install it. Soon after their accounts are taken over. Hackers then use the access to delete servers some of which have existed for a decade. One victim publicly begged Discord support on July 11 after watching their 10 year old server vanish.

Downloading random modpacks is playing Russian roulette with your entire online presence right now. The convenience of shared files has become the perfect vector for credential stealers that ignore 2FA in some cases.

Several unrelated accounts posted nearly identical stories over the past 72 hours. One warned friends not to accept any modpack invites after their own compromise. Another described watching the hacker bypass Discord protections to wipe everything. The malware seems designed to target gaming ecosystems where players routinely share files without heavy scrutiny.

HEY ALL I DID A STUPID AND GOT HACKED. DO NOT INSTALL A MODPACK TO PLAY MINECRAFT WITH AN OLD FRIEND WORST MISTAKE OF MY LIFE.

X post containing the all-caps victim statement about getting hacked after installing a modpack from an old friend
Public victim admission matching the exact quote warning others not to install modpacks Source

This is not a new threat in theory. Security firms have tracked similar Minecraft targeted malware campaigns for months. What makes it news today is the visible spike in real world fallout with active servers disappearing and creators scrambling to recover accounts. The attacks exploit the trust built into small multiplayer circles where one compromised friend can cascade damage across dozens of others.

What victims are saying

  • Hackers contact targets pretending to need help testing a modpack or recording content
  • Modpack installs malware that grabs saved credentials and session tokens
  • Compromised Discord accounts bypass 2FA to delete servers and DM contacts with more bait
  • Long running communities built over years are the biggest casualties

Minecraft itself is not broken. The game client is simply the entry point. Once the malware lands it pivots to stealing broader credentials. Players who link their Microsoft account for cross play or use Discord for voice are especially exposed. The community response has been rapid warnings and calls for better verification of any shared mod content.

If you think you might have installed something suspicious change passwords enable hardware 2FA where possible and scan your system. Server owners should consider emergency backups and temporary invite locks. The wave shows no sign of slowing based on the volume of fresh posts.

LATEST MINECRAFT NEWS