Millions of Fortnite Users Hacked Due To Security Bug | MobileAppDaily
Gaming

Fortnite Hacked: A Massive Loophole Made Hackers Take Over Your Accounts

As per reports, this bug even allowed hackers to eavesdrop on your in-game conversations.

https://dk2dyle8k4h9a.cloudfront.net/Fortnite Hacked: A Massive Loophole Made Hackers Take Over Your Accounts

Fortnite, created by Epic Games, is undoubtedly one of the most famous video games in the world and accounts for almost half of the company’s $8bn estimated valuation. With such massive popularity, cybercriminals stealing access to player’s account illicitly should not come as a surprise for the game.

However lately, Check Point Research pointed out multiple vulnerabilities in Epic Games’ Fortnite, which allowed hackers to control the players’ accounts, view their personal information, purchase in-game items through their credit cards, and drop into their in-game conversations.

The cybersecurity firm discovered the Fortnite security bug in November, and it was later fixed in January. An Epic Games spokesperson said,

In this case, the issue that caused the security to oscillate wasn’t related to passwords, but instead, was created because the Epic Games’ account page had not been validated. It leads to a redirect URL to a separate, malicious webpage, allowing users’ authorized login tokens to be intercepted by hackers from compromised sub-domain using custom JavaScript codes.

Or in layman language, the hackers sent a malicious link to the users’ Fortnite account, which, when clicked, redirected attackers to a page that stole their login credentials.

Oded Vanunu, Check Point’s Head of Product vulnerability research stated,

How Was Fortnite Hacked?

The Fortnite security flaw initially started due to an Epic Games page from 2004 that created a small loophole for hackers to take over people’s accounts.

Researchers at Check Point found an unsecured URL on ut2004stats.epicgames.com, a records page for the Unreal Tournament that Epic Games first developed in 1998.

Access Tokens are codes generated by different platforms that keep you logged in so you don’t have to hustle every time you open a page. When cybercriminals stole information of around 30 million Facebook users, they used access tokens to do it. Similarly, the Fortnite loophole allowed hackers to log into your Epic games account in many different ways, using these tokens from Facebook, Google and Xbox accounts.

Eran Vaknin, a security researcher at Check Point, said that if you had linked your Epic Games’ account to Facebook, the hack would have to go through the social network.

As the affected page had an Epic Games’ URL, it made victims less suspicious about the whole scenario. Mr. Vaknin further added that the attack is happening without any user interference.

As people are becoming aware of these phishing attacks and more careful about typing passwords on suspicious pages, hackers would be using access tokens instead. It is suggested by officials to use two-factor authentication for your accounts, which Epic Games promote as well.

Stay tuned at MobileAppDaily for more updates on Fortnite and PUBG.

Vikram Khajuria
Written By Vikram Khajuria

Jack of all trades. Covering the journalism field, Vikram writes at MobileAppDaily and keeps surfing the trends to understand tech and inventions better. Don’t forget his driving skills, he is a professional car rallyist. Life has just got better. Breathe it!!

Top Companies

InMobi
Singapore
Dot Com Infoway
New York, USA
M&C Saatchi Mobile
New York City, USA
Techmagnate
New Delhi, India
Fetch
London, UK
View full report

Latest Articles

Join our global community 135K Followers
Gaming

Parents Hiring Fortnite Tutors Costs $20 Per Hour For Their Kids

Vikram Khajuria 4 min read  

Fortnite, the Epic game that has already broken many records in a one year of time, now went beyond being viral. According to the Wall Street Journal’s report, many parents are paying the coaching fee for their kids to learn Fortnite tactics. Yes, it's true these parents are hiring the ski

Gaming

Fortnite Update 7.10 Patch Notes Revealed!

Vikram Khajuria 2 min read  

Epic Games keeps the festive celebration going by treating its players with a Fortnite 7.10 update. The update has come across all platforms like PS4, iOS, and Android, Xbox One, PC, Nintendo Switch.The Fortnite official Twitter account has confirmed the news:“The first Content Updat

Gaming

Fortnite Android: Expected Release Date, How To Download And Everything Else

Vikram Khajuria 4 min read  

Fortnite, the game that took the gaming world by storm with its amazing gameplay and it is still breaking the record over the internet. Whether you are into the shooting games or not you must have heard about the Fortnite Battle Royale. Fortnite is developed by Epic Games has taken over every other

Gaming

PUBG Mobile Guide: Everything About The Ultimate Battle Royale Game

Vikram Khajuria 4 min read  

With PUBG or PlayerUnknown's Battlegrounds in the forefront, no wonder, the mobile gaming community has witnessed a sudden surge in the number of players. The Battle Royale game has a remarkable graph since its inception last year, and there is no stopping it. It was the reason we covered all th