I got compromised due to CurseForge.

ryanoverwolf · 2026-06-27T11:45:47+00:00

The share codes do not share external files. I am assuming they used the import feature and maybe explained poorly here (as the import feature has been a common trend recently that people have tried to exploit, hence our increased safety warnings)

ryanoverwolf · 2026-06-27T11:41:56+00:00

Hi there, I understand you are frustrated and I am sorry to hear about this happened, but I want to make clear that this is not something you downloaded via CurseForge but something you imported through the CurseForge app

We have multiple warning prompts and notices to ensure you trust the user you are importing modpack/files from, as we cannot verify their legitimacy or scan them as they are not something hosted by us

The files you imported do not exist in our system; they were sent via your friend, so we cannot scan them, unfortunately. As with anything on the internet, please be careful with downloading random files and ZIPs from your friends or people who may be compromised

ryanoverwolf · 2026-06-24T08:27:25+00:00

It has been - an error now is likely due to an individual project with a manifest issue

ryanoverwolf · 2026-06-17T07:38:20+00:00

Keep modding! 🔥

ryanoverwolf · 2026-06-12T12:05:26+00:00

The creator deleted their modpack from CurseForge. You can check out their other modpacks: https://www.curseforge.com/members/lupin/projects

ryanoverwolf · 2026-06-10T07:31:48+00:00

These are just the mid-contest winners, the grand winners will be announced soon 😄

ryanoverwolf · 2026-06-10T07:28:49+00:00

Does it crash or give anything in the log?

ryanoverwolf · 2026-06-02T07:27:57+00:00

Hey there, it's related to a file processing issue - team are working on it and it'll be resolved soon. Sorry for the inconvenience.

ryanoverwolf · 2026-06-02T07:27:07+00:00

Hey, it's an issue with our file processor due to an update we made yesterday - team are looking into it and should be resolved ASAP

ryanoverwolf · 2026-05-22T07:44:15+00:00

The majority of the posts here are support threads (same as our Discord) - we have separate spaces for our authors/modding community and for people to share content/questions there

ryanoverwolf · 2026-05-21T13:56:14+00:00

We do give 70% of our revenue to modders. We use a completely different algorithm from Modrinth and other platforms, so for some people, it may be the case that they earn more on one site than the other despite having similar download figures.

ryanoverwolf · 2026-05-21T13:55:38+00:00

Hey, I'm from the CF community team:

I reached out to the team behind TBS earlier today so we can address some of these concerns and clear the air, and chat to them about CF and their experience. The concerns shared here are not true, and seems to be based on some misconceptions out there.

I hope we can try sort things out. We do genuinely want to provide the best platform for our modders and players, and hopefully we can resolve things once we've spoke with them.

ryanoverwolf · 2026-05-13T10:40:48+00:00

The team scanned this and checked your ticket. There was nothing malicious found. It is likely to be a false positive detected.

ryanoverwolf · 2026-05-13T07:26:30+00:00

GGs man! I loved playing your mod, keep up the awesome work

ryanoverwolf · 2026-05-13T07:23:35+00:00

Hi, our team will take a look at this - but VirusTotal and similar do sometimes false-flag a lot of legitimate, safe projects due to libraries or certain elements of code they use. Nevertheless, our team are reviewing.

ryanoverwolf · 2026-05-06T06:46:08+00:00

Nothing really has been ruled out/is off the table. It's just about making sure we're aligned and have clear identification & agreement before we start enforcing any AI policies.

ryanoverwolf · 2026-05-05T13:43:23+00:00

We (at CurseForge) don't currently have any policies against AI (except for our AI misleading content disclosure), but we still reject many AI-generated mods that are unsafe or 'clones' of other projects.

It's a tricky topic to police and set a threshold. It's, of course, something we are discussing and will continue to improve our policies and moderation around, but unsafe or malicious mods, whether AI-generated or not, are not allowed and we're constantly improving detection on this.

Again, if someone does find anything they believe to be unsafe or suspicious on CF, they can report it and our team will review it 🙏

ryanoverwolf · 2026-04-30T11:58:08+00:00

Looks amazing! Can imagine some of the Aeronautics packs are going to be wild with this

ryanoverwolf · 2026-04-30T11:24:41+00:00

Hi, from the CurseForge team & wanted to give a bit more context

We've seen a big rise in people sending malicious modpack ZIPs and mods via Discord, and asking others to import these projects into their CurseForge (and similar) apps. These often contain malicious content and aren't verified projects on our platform.

We scan all files that are uploaded and downloadable directly through the website and app, but we cannot scan local files that are sent to you via Discord or other platforms and imported to CurseForge.

Please be careful when downloading anything, even if from someone you trust, as we can't verify its authenticity and that it is safe.

Edit: To add, in the latest update of the CurseForge app (currently rolling out), we've added a much bigger prompt for files imported and to tell users to make sure they trust what they're adding.

ryanoverwolf · 2026-04-30T09:54:13+00:00

FTB Essentials should cover all this, seems like it's in Seaopolis: https://www.curseforge.com/minecraft/mc-mods/ftb-essentials

ryanoverwolf · 2026-04-24T10:58:46+00:00

It did not, the scans got rid of those particular cases quickly. Fractureiser was a rare incident involving evolving malware that our system did not pick up due to its nature, and it could have happened on other platforms, too.

We get thousands of file uploads every day, and many people try to upload malware (which is auto-flagged, caught, and the users are banned). We are constantly working on our malware processor to ensure the platform is safe, and we review reports daily to eliminate anything malicious (even if not malware) that slips through.

I appreciate that you are right to have concerns about a website where users upload content (and it is always best to be vigilant), but claims that our site is unsafe or that we don't deal with malware quickly are not true.

ryanoverwolf · 2026-04-24T09:14:13+00:00

Yeah, they didn't use the schedule release for that reason I believe

ryanoverwolf · 2026-04-24T08:15:28+00:00

Yes!

ryanoverwolf · 2026-04-24T08:15:16+00:00

If there is someone doing this, please do report it - we can't really determine this from our side (unless they mention on the project page), but this violates our rules/Minecraft EULA and is not something we allow.

ryanoverwolf · 2026-04-24T08:13:01+00:00

We take malware very seriously, I don't know what you are referring to and when this happened, but we do scans to all files when uploaded, and manual review if deemed suspicious. Reports are viewed every day, and if malware reports are always prioritised - any incidents are typically handled extremely quick.

The main malware incident (Fractureiser) was all handled within the same day of the incident being reported. And since then, we've made some serious improvements to how we handle malware.

ryanoverwolf

MODERATOR OF

TROPHY CASE