The Fortnite game has more than 125 million total players and it is one of the most famous games on the planet.
Web-based game-streaming platform Rainway noticed the issue on June 26th as thousands of users getting error reports triggered in their tracker.
Rainway said, “for security and privacy reasons we’ve always allow only whitelisted URLs and we should not have any ads.”
To their surprise, one after another user start’s getting infected, so the researchers opted to find which is common for all.
As a part of the investigation, they headed to youtube to find popular Fortnite Game hacks and they tested with hundred’s of software that claims to support the players. These videos are common for any popular game.
The Rainway team at last identified hack claiming that users will get both the V-Bucks and use an aimbot.
When users install the promised fake Fortnite Game hacking app it immediately installs a root certificate and routes the web traffic through itself, which leads to Man in the Middle Attack.
MITM attack is a type of cyber attack where the attacker intercepts communication between two parties. Here is a perfect example of Mitm attack.
Then Adware starts altering all the pages by adding advertisement companies ad tag Adtelligent and voila.
“We began by sending an abuse report to the file host, and the download was removed promptly, this was after accumulating over 78,000 downloads.” reads Rainway blog post.
Rainway alerted all the infected users and enabled certificate pinning to mitigate such Mitm attacks in future.
Recently a fake android malware posing as Fortnite Game with capabilities of spyware, cryptocurrency miner targeted Android users.
Maikspy – A Spyware Attack on Windows & Android Users via Adult Games
Several Malware Games Downloaded by 4,500,000 Android Users From Google Play Store
Malicious Code in Kids Game Apps on Google Play Pushing Porn Ads – More than 60 Game Apps Infected
Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost…
A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS)…
Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target…
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts…
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and…
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and…