Connect with us

Hacker News Vulnerability

Fortnite Flaws Exploited by Hackers

Hacker News Malware

Emotet Malware Makes a Comeback with Fresh Attacks After Three Months of Silence

Hacker News Vulnerability

Lazarus Group Found Exploiting Zero-Day Vulnerabilities in Latest Cyber Attack

Hacker News

Chinese hackers develop new custom backdoor to evade detection

Hacker News

Hackers are exploiting vulnerabilities in containerized environments

Hacker News

Play Ransomware Group Brags About Disruptive Attack on City of Oakland

Hacker News

Chinese State-Sponsored Hacking Group APT31 Targets European Organizations

Hacker News Vulnerability

Researchers Uncover New Security Vulnerabilities in TPM 2.0 Library

Data Breaches Hacker News

Dark Web Marketplace Bidencash Leaks 2 Million Stolen Credit Cards for Free

Hacker News

White Hat Hacking Does Pay: Pwn2Own Shells Out 980,000 in Rewards

Hacker News

Fortnite Flaws Exploited by Hackers

Published

5 years ago

on

Fortnite Flaws Exploited by Hackers

Check Point researchers reveal security vulnerabilities in Epic Games’ massively online battle arena, Fortnite, that have allowed hackers to take over player accounts. This comes in the wake of previous hacks, taking over swaths of accounts and selling them.

 

Fortnite has become a gaming phenomenon since it’s release, the focus being on its Battle Royale mode, dropping 100 players into an arena and letting them fight to the finish. While they weren’t the first to release this gameplay mode, but they’ve increased exponentially and expanded across platforms and even into the mobile market at breakneck speeds.

The most recent hacking attacks against the gaming giant involves a cross-site scripting (XXS) bug that targets one of the epicgames.com subdomains. This is how the unsuspecting link bypassed firewalls. A link was sent to players through the subdomain, indicating that the link was from Epic Games. Once the link is followed, it’s redirected the link to the specially crafted page. From this new page, the account token is taken and sent to the hacker. After this information is submitted, the cycle is completed when the player logs into their account again, sending the username and password to the hacker. Many players won’t know about the breach in their security until they notice that their credentials have been changed.

 

This isn’t Epic Games’ first interaction with the hacking of their players’ accounts. Previous hacks revolve around credential stuffing, hackers mining lists for exposed usernames/email addresses and passwords obtained by other website breaches. These hackers then take this information and roll the dice. If they’re successful, then these hackers can sell high ranking accounts to other players. This type of hacking isn’t new to Fortnite, being a problem for other MOBAs and MMOs like World of Warcraft and DOTA II.

 

It’s recommended that to protect privileged information that you attach a two-factor authentication (2FA) to your account, many of which can be placed on your phone via mobile app. The second, most important thing you can do is to periodically change your password, especially if you find that another service you use that been breached in some way.

 

A spokesperson for Epic Games, Nick Chester, has said that the bug has now been fixed.

 

Related Topics:

Technology Enthusiast with a keen eye on the Cyberspace, Entrepreneur, Ethical Hacker

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *