Fortnite blew up once it revealed to the world the free-to-play Battle Royale mode. Since then, the latest title from Epic Games has continued to just dominate the gaming community at record-breaking levels. With great popularity comes great risk, which has manifested once more in the form of a pretty glaring vulnerability on the Epic Games website.
Check Point is a known cybersecurity firm that works to pinpoint areas at risk for cyber attacks. In the instance of Epic Games' login page, there was a found vulnerability that makes it easy to redirect traffic from the desired page to one that leaves information open for the taking. Should a hacker take advantage of this tactic, login tokens, digital keys, and other accounts linked would all be vulnerable to attacks and theft. Some of these accounts linked included Facebook, PSN, Xbox Live, Nintendo, and more.
The site then shared a series of code requests and shared how easy it is to bypass what Epic Games has in place. According to Check Point, "Our team’s research, however, relied on a far more sophisticated and sinister method, that did not require the user to hand over any login details whatsoever. By discovering a vulnerability found in some of Epic Games’ sub-domains, an XSS attack was permissible with the user merely needing to click on a link sent to them by the attacker. Once clicked, with no need even for them to enter any login credentials, their Fortnite username and password could immediately be captured the attacker."
If you're interested in learning more about how this works on a more technical basis in order to prevent theft in the future, you can check out their full tech analysis right here - or check out the video above.
As far as what you can do as a player, pay attention to any redirects that may occur. Note the urls, the source codes, and where you are putting your information at all times. We also highly recommend their two-point authentication system as well for additional backup because there is no shortage of hackers waiting to get into these accounts. And understandably so, Fortnite has become a multi-billion dollar franchise within a year of the Battle Royale mode going live. There's a lot of money to be made in hacking these accounts, which is something we've broken down heavily in the past.
What do you think about the rising trend of hacking in games and how profitable it seems to be? Join in on the conversation in the comment section below, or hit me up over on Twitter @DirtyEffinHippy!