Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security //

Data Leakage

09:35 AM
Jeffrey Burt
Jeffrey Burt
Jeffrey Burt

Vulnerability Puts Millions of Fortnite Players at Risk, Check Point Finds

Epic Games, the developer of Fortnite, fixed vulnerabilities in its web infrastructure that researchers said exposed the sensitive information of users of the wildly popular online game.

Check Point Software researchers discovered vulnerabilities in the hugely popular online game Fortnite that could have put the sensitive information of the almost 80 million users around the globe at risk.

Through the vulnerabilities, attackers could have stolen the usernames and passwords, which would have given them access to a vast amount of information stored in the accounts, enabled them to listen to and record conversations during the games, hear surrounding sounds and chatter within a user's home or wherever they were playing from, access users' in-game contacts and buy V-Bucks, the currency used in the game.

Check Point researchers notified Fortnite's developer, Epic Games, about the vulnerabilities in the company's web platform and they have since been fixed, according to Check Point and Epic. Epic officials in a statement noted: "...we were made aware of the vulnerabilities and they were soon addressed … As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others."

(Source: Epic Games)
(Source: Epic Games)

There's no indication that the vulnerabilities were used to attack Fortnite gamers, but they represented a significant threat given the massive numbers of people -- many of them children, though some of them are professional gamers -- who play the game. It's used on all the top game consoles, including Microsoft's Xbox One, Nintendo Switch and Sony's PlayStation 4, and is available on the Android and Apple iOS mobile platforms and on PCs through Microsoft Windows.

Given the runaway popularity, Fortnite players have been targeted in the past, including through campaigns aimed at enticing users to log into fake websites that have offered the ability to run the game on some unsupported mobile platforms or to generate V-Bucks. Last year some Fortnite players found their game accounts had been breached and that bad actors had rung up hundreds of dollars in purchases. (See Fortnite Players Lob Shots at Epic Games Over Hacked Accounts.)

In their report, "Hacking Fortnite Accounts," Check Point researchers noted that the popularity of Fortnite has translated into a lot of money for Epic, with the game generating almost half of the company's $5 billion to $8 billion of estimated value.

"With such a meteoric rise in fortune, it is no surprise then that the game had already attracted the attention from cyber criminals who set out to con unsuspecting players," they wrote.

Eran Vaknin, security expert at Check Point, also noted the global popularity of the game when talking about the latest vulnerabilities found by his company.

"Fortnite is the biggest online social game created in the wild, so the vulnerability exposes [all of its] users and this is the big picture," Vaknin told Security Now in an email. "The account takeover vulnerability is unique since we didn't see any report mentioned. It has happened in the past for Epic Games. The attack is seamless to the victim [and] everything is happening automatically behind the scenes."

He added that the researchers "treat Fortnite … as an infrastructure for people to collaborate together in kind of a social network, so I think that our vulnerabilities affect the same risk level of a business attack."

Unlike other attacks, the vulnerabilities found by Check Point analysts would have needed only for a gamer to click on a phishing link that appeared to be coming from an Epic Games domain.

If the gamer clicked on the link, the attacker would be able to grab the user's Fortnite authentication token without the user having to enter login credentials. The researchers found three flaws in Epic's web infrastructure that would have enabled attackers to steal user access credentials via the token-based authentication process used with Single Sign-On (SSO) systems like Facebook, Google and Xbox.

With these credentials, the bad actors could take over users' accounts.

The researchers showed that flaws in two of Epic's sub-domains were vulnerable to malicious redirects, which would have enabled hackers to grab users' legitimate authentication tokens from the compromised sub-domain through a cross-site scripting (XSS) attack.

Because of the amount of private data -- such as credit card numbers -- that are in users' accounts, Fortnite is "very attractive and valuable target on all of the platforms," Vaknin said.

There are several ways for users and organizations to protect themselves against such attacks, the researchers note. Gamers should always question the legitimacy of links they see on user forums and websites and use two-factor authentication. Parents should educate their children about cybersecurity and organizations need to ensure that their infrastructure's security is up to date.

Related posts:

— Jeffrey Burt is a long-time tech journalist whose work has appeared in such publications as eWEEK, The Next Platform and Channelnomics.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel function where a lack of checks allows the exploitation of an integer overflow on the size parameter of the tz_map_shared_mem function.
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel�s tz_handle_trusted_app_smc function where a lack of integer overflow checks on the req_off and param_ofs variables leads to memory corruption of critical kernel structures.
PUBLISHED: 2021-06-22
Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an integer overflow in the tz_map_shared_mem function can bypass boundary checks, which might lead to denial of service.
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure.
PUBLISHED: 2021-06-22
Trusty contains a vulnerability in all TAs whose deserializer does not reject messages with multiple occurrences of the same parameter. The deserialization of untrusted data might allow an attacker to exploit the deserializer to impact code execution.