More info: If you have downloaded anything from Curseforge since May 20th or Bukkit since April, PLEASE read the link above.

Windows Users: The best and simplest check is to open Explorer, and type %LOCALAPPDATA%\Microsoft Edge in the top bar. If this folder exists, you have likely been compromised. Kill all Java processes running on your machine from Task Manager, delete the folder you just viewed as well as these:

• %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\run.bat
• Open regedit from your start menu by typing it into search, and then type HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run into the top bar. Delete the key with the name "t".

Make sure to change all of your passwords, especially any that are currently saved in your browser's autofill, as well as Discord passwords and Microsoft account passwords.

Note: If you have show hidden files enabled and are infected, go to the Microsoft Edge folder and upload libWebGL64.jar to https://wormhole.app, then email the link it gives you to fractureiser.investigation@opayq.com to help the people investigating learn more about this!

NEW UPDATE

If you were infected, delete all Minecraft mods and copies of Minecraft from your computer.

Do not open Minecraft, especially do not open modded Minecraft, and especially especially do not download any mods.

The final stage of the malware appears to have .jar infection capability according to the live research document. While it's not known if this code would ever run or why, it is better to be safe than sorry.