Fortnite is one of the most popular multiplayer games in the world right now and the battle royale from Epic Games has almost 80 million players worldwide. And now researchers from Check Point Software Technologies have revealed that the game has vulnerabilities that can potentially affect any Fortnite player.
Fortnite is on most of the popular gaming platforms which include PC, Xbox One, PlayStation 4, Nintendo Switch, iOS and Android. Combine that with the fact that the game has a huge player base and professional players and streamers regularly stream and take part in professional games, the risk just becomes manifold.
The researchers claim that the vulnerability, if exploited, will give the intruder access to user’s account as well as their their personal information. The hackers can even purchase virtual in-game currency using the victim’s payment card details. Besides these, the vulnerability also gives the hackers the ability to invade the privacy of the concerned people by listening in on their ingame chats as well as the surrounding sounds and conversations.
Researchers have pointed out three vulnerabilities in the process outlined, and these were found in Epic Games’ web infrastructure. Players can fall victim to this attack by only clicking on a crafted phishing link from the Epic Games domain, which is actually sent by the attacker.
“Fortnite is one of the most popular games played mainly by kids. These flaws provided the ability for a massive invasion of privacy,” said Oded Vanunu, head of products vulnerability research for Check Point. “Together with the vulnerabilities we recently found in the platforms used by drone manufacturer DJI, show how susceptible cloud applications are to attacks and breaches. These platforms are being increasingly targeted by hackers because of the huge amounts of sensitive customer data they hold. Enforcing two-factor authentication could mitigate this account takeover vulnerability.”
Epic Games has been notified of the vulnerability by Check Point Software Technologies which has now been rectified.