80 Million Fortnite Player Accounts Compromised Due To A Bug – This Is What You Should Do
The bug allowed hackers to access voice and chatter of the players as well.
Created by Epic Games, Fortnite is right now one of the hottest, most popular games on the Earth. More than 80 million users play this shooter-survival game, all over the world.
As per fresh reports coming in, a bug may have compromised millions of players accounts and hacked private information, and even snooped into private conversations happening in and around the place, where the players were located.
Fortnite Exposed: 80 Million Player Accounts Compromised
This massive security breach was discovered by Checkpoint, which is a leading cybersecurity solutions provider.
In case any hacker exploited this bug and gained access to any player’s user account, then these following ‘scary’ scenarios emerge:
- Fortnite’s has this ‘V-Buck’ in-game currency, which can be used to purchase in-game products such as colorful cosmetics, outfits, battle pass and more. In case any hacker gained access to player’s account, they could have used this in-game currency to buy their own products.
- Hacker could have also gained access to the in-home chatter in and around the location of the player. Say, the player is playing Fortnite in home, then the hacker could have listened to the talks, and extract sensitive information.
Fortnite Hacking: How This Happened?
Fortnite uses Single Sign-On (SSO) systems such as Facebook, Google and Xbox to enable the player to sign-in. During this process, the bug allowed the hackers to exploit tokens which are exchanged for authenticating the user.
Checkpoint stated, “To fall victim to this attack, a player needs only to click on a crafted phishing link coming from an Epic Games domain, to make everything seem transparent, though sent by the attacker.”
Once the player clicked this link, the tokens used for authentication were stolen, thereby allowing the hacker to enter the player’s account, and wreak havoc.
Interestingly, the origin of this bug was found in Epic Games’ sub-domains, which were used for triggering this malicious redirect.
Oded Vanunu, head of products vulnerability research for Check Point said, “These platforms are being increasingly targeted by hackers because of the huge amounts of sensitive customer data they hold. Enforcing two-factor authentication could mitigate this account takeover vulnerability.”
The Fortnite Bug Has Been Fixed
Check Point has informed that they have notified Epic Games about this vulnerability, and the bug has been fixed.
What Should You Do?
If you are regular Fortnite player and have downloaded the game, then Check Point and Epic Games have these following security suggestions:
- Remain vigilant while exchanging information via Digital medium
- Practice safe cyber-habits while playing the game
- Always double check any link before opening, especially those share via forums and social media
- Organizations have been advised to perform ‘thorough and regular hygiene checks on their IT infrastructure’
- Users are advised to perform two-factor authorization for optimal security and safety, especially while logging into the game from an external or new device.
Did you encounter any hacking attempt while playing Fortnite? Do let us know by commenting right here.