Technology
‘Fortnite’ vulnerability put millions of accounts at risk
It turns out that for the millions of people playing Fortnite, there was more than just a Victory Royale at stake.
On Jan. 16, internet security firm Check Point Research disclosed a vulnerability in the popular online video game that could have allowed malicious actors to take over practically any Fortnite account — all a player had to do was click a malicious link.
“By discovering a vulnerability found in some of [Fortnite owner] Epic Games’ sub-domains, an XSS attack was permissible with the user merely needing to click on a link sent to them by the attacker,” explains the report. “Once clicked, with no need even for them to enter any login credentials, their Fortnite username and password could immediately be captured [by] the attacker.”
Epic Games confirmed the now-patched vulnerability in a statement to the Washington Post, noting that it “[encourages] players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”
The vulnerability was discovered “the last few weeks,” writes Check Point Research, and “a fix was responsibly deployed” by Epic Games after the company was notified.
Fortnite, for those still unaware, is a gaming phenomenon — drawing, according to Epic Games, 78.3 million players in August of 2018 alone. That’s a lot of potentially hacked accounts.
Notably, this isn’t the only bad Fortnite news to drop today. According to The Independent, the game’s currency has been used to launder money by criminals. Dubbed V-bucks, the digital dollars were reportedly purchased from the in-game store using stolen credit cards and then resold to players at a discounted rate for bitcoin or bitcoin cash.
“Epic Games takes these issues seriously, as chargebacks and fraud put our players and our business at risk,” an Epic Games spokesperson told The Hollywood Reporter.
So the next time you log in for a little old-fashioned battle royale, keep in mind that it’s not just the grenade launchers and hand cannons that could hurt you.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Business7 days ago
DOJ’s Apple antitrust case neatly aligns with EU on one key point: NFC and mobile payments
-
Business6 days ago
Lordstown Motors’ ousted CEO settles with SEC for misleading investors
-
Business5 days ago
Apple sued, Microsoft’s AI ambitions and Nvidia’s surprises
-
Business4 days ago
TechCrunch Mobility: The wheels are starting to come off the Fisker EV bus
-
Entertainment3 days ago
Amazon Big Spring Sale 2024: Shop 350+ deals on Apple, robot vacuums, security cameras, more
-
Business3 days ago
Maju Kuruvilla is out as CEO of one-click checkout company Bolt
-
Entertainment5 days ago
Amazon’s Big Spring Sale 2024: Shop 340+ deals on Apple, robot vacuums, security cameras, more
-
Entertainment3 days ago
Asus ROG Zephyrus G14 (2024): The MacBook Pro of gaming laptops