Check Point said its researchers had discovered vulnerabilities in the popular Fortnite online game. The security software company has informed the manufacturer of Fortnite Epic Games, which has corrected the flaw, which could have allowed hackers to secretly intercept the connection information of Fortnite users and steal them.
The attack manipulates the Fortnite login process to capture users' Fortnite user names and passwords. With the stolen identification information, attackers could then log into the user's Fortnite account and view all the data stored there, buy more V-Bucks currency in the game at the expense of the user. 39; user, access all the contacts of the user and listen to them. and record the conversations taking place during the game.
Fortnite has nearly 80 million players on Android, iOS, PC, Xbox One and PlayStation 4.
In order for the attack to succeed, it suffices for the victim to click on a malicious phishing link that the attacker sends him, either in the Fortnite chat or via social media – for example, by offering credits. free game play or V-Bucks. Once the user has clicked and the user does not even need to enter his login credentials, his Fortnite authentication token is captured by the attacker, this which allows him to take over the account of the user.
Check Point researchers have informed Epic Games of this vulnerability and a patch has been deployed.
While Fortnite players had already been the target of scams that had deceived them by connecting to fake websites that promised to generate Fortnite's "V-Buck" motto, these new vulnerabilities could have been exploited without the player did not give him his login information.
Attackers could potentially access a user's account because of vulnerabilities discovered in the Fortnite login process. Due to three flaws in the Epic Games web infrastructure, the researchers were able to manipulate the token authentication process used by Fortnite in conjunction with single sign-on systems (SSO) such as Facebook, Google, Xbox and PlayStation. The access information of the user and the support of his account.
To be a victim of this attack, a player only has to click on a phishing link manufactured from an authentic Epic Games domain, which gives it a legitimate appearance. Once the user clicks, the user's Fortnite authentication token could be captured by the attacker without the user entering their login credentials. According to Check Point researchers, the potential vulnerability came from vulnerabilities found in two of Epic Games 'online subdomains that could be subject to malicious redirection, thus allowing users' legitimate authentication tokens to fail. to be intercepted by a hacker belonging to the compromised subdomain.
"Fortnite is one of the most popular games played mostly by kids. These flaws allowed for a massive invasion of privacy, "said Oded Vanunu, product vulnerability research manager at Check Point, in a statement. "The vulnerabilities we have recently found in the platforms used by the DJI drone manufacturer show just how vulnerable cloud applications are to attacks and violations. Hackers are increasingly targeting these platforms because of the huge amount of sensitive customer data that they hold. The application of a two-factor authentication could mitigate this vulnerability related to account takeover. "
Check Point has informed Epic Games of the vulnerability, which has now been corrected. Check Point and Epic Games advise all users to remain vigilant when they exchange information digitally and set up cyber-safe habits during their online exchanges. Users should also question the legitimacy of links to information seen on user forums and websites.
"We were informed of the vulnerabilities and these were quickly corrected. We thank Check Point for bringing this to our attention, "said an Epic spokesperson in an email. "As always, we encourage players to protect their accounts by not reusing passwords, using strong passwords, and not sharing account information with others."
To avoid this, Check Point stated that companies should perform thorough and regular hygiene checks on their IT infrastructure. They did not leave obsolete and unused sites or access points online. In addition, it is recommended to review any obsolete website or subdomain still online but not used.
In order to minimize the risk of being a victim of an attack exploiting such vulnerabilities, users must enable two-factor authentication, making sure that when logging into their account to From a new device, the player must enter a security code sent to the server. e-mail addresses of the account holder. It is also important that parents educate their children about the threat of online fraud and warn them that cybercriminals will do everything in their power to access personal and financial information that may be held in a player's online account. .