Technology
‘Fortnite’ vulnerability put millions of accounts at risk
It turns out that for the millions of people playing Fortnite, there was more than just a Victory Royale at stake.
On Jan. 16, internet security firm Check Point Research disclosed a vulnerability in the popular online video game that could have allowed malicious actors to take over practically any Fortnite account — all a player had to do was click a malicious link.
“By discovering a vulnerability found in some of [Fortnite owner] Epic Games’ sub-domains, an XSS attack was permissible with the user merely needing to click on a link sent to them by the attacker,” explains the report. “Once clicked, with no need even for them to enter any login credentials, their Fortnite username and password could immediately be captured [by] the attacker.”
Epic Games confirmed the now-patched vulnerability in a statement to the Washington Post, noting that it “[encourages] players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”
The vulnerability was discovered “the last few weeks,” writes Check Point Research, and “a fix was responsibly deployed” by Epic Games after the company was notified.
Fortnite, for those still unaware, is a gaming phenomenon — drawing, according to Epic Games, 78.3 million players in August of 2018 alone. That’s a lot of potentially hacked accounts.
Notably, this isn’t the only bad Fortnite news to drop today. According to The Independent, the game’s currency has been used to launder money by criminals. Dubbed V-bucks, the digital dollars were reportedly purchased from the in-game store using stolen credit cards and then resold to players at a discounted rate for bitcoin or bitcoin cash.
“Epic Games takes these issues seriously, as chargebacks and fraud put our players and our business at risk,” an Epic Games spokesperson told The Hollywood Reporter.
So the next time you log in for a little old-fashioned battle royale, keep in mind that it’s not just the grenade launchers and hand cannons that could hurt you.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Entertainment6 days ago
When will we have 2024 election results online?
-
Entertainment5 days ago
Halloween 2024: Weekend debates, obscure memes, and a legacy of racism
-
Entertainment6 days ago
Social media drives toxic fandom. Is there a solution?
-
Entertainment5 days ago
Is ‘The Substance’ streaming? How to watch at home
-
Entertainment5 days ago
M4 MacBook Pro vs. M3 MacBook Pro: What are the differences?
-
Entertainment4 days ago
Menendez brothers case reignites online: The questions that keep resurfacing
-
Entertainment4 days ago
‘A Real Pain’ review: Jesse Eisenberg and Kieran Culkin charm as odd-couple cousins
-
Entertainment4 days ago
25 greatest sci-fi films on Hulu that you can watch right now