<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=192888919167017&amp;ev=PageView&amp;noscript=1">
Menu
The Columbian logo tagline
Login
Thursday,  November 28 , 2024
Current weather Vancouver, WA

Linkedin Pinterest
Check Out Our Newsletters envelope icon
Get the latest news that you care about most in your inbox every week by signing up for our newsletters.
News / Business / Business Briefs

Bug in Fortnite gave hackers access to player accounts

By Wire services
Published: January 21, 2019, 4:34pm

If you or your child plays Fortnite, you might want to take a closer look at your recent credit card statements.

Epic Games, the maker of the hit online battle royal title, admitted Wednesday that a flaw in the game’s log-in system could have allowed hackers to impersonate real players and purchase in-game currency using the credit cards on file.

It’s unclear how many players may have been directly affected by the bug; Epic declined to comment on the scope of the vulnerability and said the matter has been addressed. But roughly 80 million people play Fortnite every month, and as many as 200 million users have registered accounts, the company has previously said.

“We encourage players to protect their accounts by not reusing passwords and using strong passwords, and not sharing account information with others,” Epic said in a statement. Epic’s admission follows a report by Check Point Research, an information security group, which said it privately notified Epic of the flaw after tests revealed it could lead to widespread fraud.

The bug worked by giving hackers the ability to steal pieces of code used to identify a player when he or she logs into the game using a third-party account such as Facebook or Xbox Live, the researchers said. Players could have been exposed to the flaw if they clicked a malicious phishing link designed to exploit the vulnerability. Along with their report, the group also published a YouTube video explaining the research.

After using these security tokens to access a player’s account in Fortnite, hackers could then take actions such as buying in-game currency, according to the report. The report also said, but Epic did not confirm, that hackers could have eavesdropped on players’ conversations in the game’s voice chat.

“Fortnite is one of the most popular games played mainly by kids,” Oded Vanunu, Check Point’s head of products vulnerability research, said in a statement. “These flaws provided the ability for a massive invasion of privacy.”

Related Stories

Democratic Connecticut lawmakers report bomb threats at homes
Nation & World
Democrats win supermajority in Oregon House, Senate, with narrow win in Woodburn
Northwest
'AI Jesus' avatar tests man's faith in machines and the divine
Business
'Like bringing in a chainsaw': Washington trade officials not keen on Trump's tariff plans
Business
Prescribed burns scheduled across Washington to mitigate wildfires, improve habitats
Northwest
Outlook uncertain for AI regulations as U.S. government pivots to full Republican control
Business
Featured Realtor
Columbian Homes featured real estate agent
View Listings