- Official Post
UPDATE: It was a hoax, please see this post for more information - RE: CRITICAL SECURITY ALERT: Figura Mod Compromised & Used as Botnet
Within the last hour we have been made aware of a critical security issue with the figura mod that is being used both on TF and by a much wider Minecraft Modding community.
We are now aware that due to the ability for a remote server to send LUA scripts to execute, a number of people have had their IP's sent to an unauthorised party without their consent, and the figura team have set things up so users of figura can be used as a botnet, potentially resulting in criminal charges for anyone that is implicated in the bot net through having previously installed figura.
AS A MATTER OF CRITICAL URGENCY you need to uninstall and delete all traces of this mod, and run AV Scans from multiple reputable AV Scanner providers. You should also make every effort to reset your home routers IP address, in most cases powering down your router for 10-15 mins will do this. If it does not contact your ISP for support.
IN AN IDEAL WORLD AND FOR MAX SECURITY you need to do a full wipe of your current computers that have ever had figura installed on it and re-install from scratch restoring from a backup before figura