A
Admincraftβ€’2w ago
Homka

what even is this

someone recommended me this thing, and I'm asking to know, is it any useful? looking at the description, this tool seems useless, especially if I download plugins from trusted sources only(Modrinth, Spigotmc, or build from source)
SpigotMC - High Performance Minecraft Community
Spigot Anti-Malware
Solution:
β€œRareHyperIonYT Version: 15.15 It's still the same as it was a year ago, most of its "detections" are based of a database file which is just a list of blacklisted authors, checksums, class paths, etc this is a very bad way of handling this and leaves many gaps in detections and easy to bypass while still managing to have many false positives if it wasn't for the whitelists and even at that it still has false positives on obviously safe plugins.” -spigot reviews...
Jump to solution
6 Replies
Solution
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έ
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έβ€’2w ago
β€œRareHyperIonYT Version: 15.15 It's still the same as it was a year ago, most of its "detections" are based of a database file which is just a list of blacklisted authors, checksums, class paths, etc this is a very bad way of handling this and leaves many gaps in detections and easy to bypass while still managing to have many false positives if it wasn't for the whitelists and even at that it still has false positives on obviously safe plugins.” -spigot reviews
Homka
HomkaOPβ€’7d ago
thanks! imma mark your response as solution also update to the situation with a guy who sent me that plugin: turns out that he tried to convince me to install both his malware(not this plugin, completely different plugin) and that "Spigot Anti-Malware", by DMing anti-malware one and sending actual malware in server requests channel on discord
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έ
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έβ€’7d ago
yikes. Don't ever do that, always download from official sources (preferably modrinth as they vet their mods), or self compile from github AFTER you have reviewed its code
ProGamingDk
ProGamingDkβ€’7d ago
modrinth vets once, and it is not perfect at all
Homka
HomkaOPβ€’7d ago
I always do that goober thought that I wouldn't check backdoor he sent
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έ
π’Ÿπ‘œπ“‚π’Ύπ“ƒπ’Ύπ’Έβ€’7d ago
yeah i know of a few mods that later became malicious after the initial vetting. Best idea is to go with popular ones iris, lithium, those probably wouldn't go wrong

Did you find this page helpful?