Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories

Researchers from Check Point discovered multiple vulnerabilities that allowed Fortnite players’ accounts to be hacked

By Wong Chung Wee - on 17 Jan 2019, 3:25pm

Researchers from Check Point discovered multiple vulnerabilities that allowed Fortnite players’ accounts to be hacked

(Image source: Check Point)

Researchers from internet security firm Check Point discovered multiple vulnerabilities on Epic Games’ online platform, which allowed Fortnite players’ accounts to be compromised. Fortunately, Epic Games were informed by Check Point and the vulnerabilities were patched for Fortnite players’ safety.

According to the researchers, their hacking methodology was sinister and sophisticated as it didn’t require the Fortnite user to reveal his account credentials. All they needed was for the player to click a malicious link from an Epic Games domain, and the Fortnite username and password could be captured from this exploit.

The origin of this exploit was found on two of Epic Games’ sub-domains that were vulnerable to unauthorized web redirects, and once a user clicks on a crafted malicious link, his Fortnite authentication token may likely be captured from the compromised sub-domain.

Check Point has advised netizens to avoid clicking on suspicious links and to make use of two factor authentication (2FA) to mitigate their chances to falling victim to similar exploits. On the corporate side, the internet security company advised organizations to reveal their IT infrastructure to locate any websites and sub-domains that are still online but have already fallen into disuse. A full technical analysis of this vulnerability is available from the Check Point Research blog.

(Source: Check Point)

Loading...