advertisement
Home
News
Sports
Suburban Business
Entertainment
Lifestyle
Opinion
Classifieds
Obituaries
Shopping
Newspaper Services
Business

A major bug in Fortnite gave hackers access to millions of player accounts, researchers say

Posted January 19, 2019 5:00 am
By Brian Fung The Washington Post

If you or your child plays Fortnite, you might want to take a closer look at your recent credit card statements.

Epic Games, the maker of the hit online battle royal title, admitted Wednesday that a flaw in the game's login system could have allowed hackers to impersonate real players and purchase in-game currency using the credit cards on file.

It's unclear how many players may have been directly affected by the bug; Epic declined to comment on the scope of the vulnerability and said the matter has been addressed. But roughly 80 million people play Fortnite every month, and as many as 200 million users have registered accounts, the company has previously said.

“We encourage players to protect their accounts by not reusing passwords and using strong passwords, and not sharing account information with others,” Epic said in a statement.

Epic's admission follows a report by Check Point Research, an information security group, which said it privately notified Epic of the flaw after tests revealed it could lead to widespread fraud.

The bug worked by giving hackers the ability to steal pieces of code used to identify a player when he or she logs into the game using a third-party account such as Facebook or Xbox Live, the researchers said. Players could have been exposed to the flaw if they clicked a malicious phishing link designed to exploit the vulnerability. Along with their report, the group also published a YouTube video explaining the research.

After using these security tokens to access a player's account in Fortnite, hackers could then take actions such as buying in-game currency, according to the report. The report also said, but Epic did not confirm, that hackers could have eavesdropped on players' conversations in the game's voice chat.

The enormous popularity of Fortnite makes it a juicy target for hackers, experts say. Check Point did not disclose how long the vulnerability may have existed, nor whether hackers could have siphoned their ill-gotten rewards out of player accounts. But the possibility of a breach affecting the equivalent of two-thirds the U.S. population is a serious risk, the group said.

“Fortnite is one of the most popular games played mainly by kids,” Oded Vanunu, Check Point's head of products vulnerability research, said in a statement. “These flaws provided the ability for a massive invasion of privacy.”

0 Article Comments
Article Categories
Business Content Providers Entertainment Information Technology Video Games
Article Comments
Guidelines: Keep it civil and on topic; no profanity, vulgarity, slurs or personal attacks. People who harass others or joke about tragedies will be blocked. If a comment violates these standards or our terms of service, click the "flag" link in the lower-right corner of the comment box. To find our more, read our FAQ.
Back To Top
About Us
Staff
Quick Links
Advertising
Services
Copyright © 2024 Paddock Publications, Inc., P.O. Box 280, Arlington Heights, IL 60006
Paddock Publications, Inc. is an Employee-Owned Company