Fortnite has over 80 million players worldwide, and all of their accounts could have been affected by a security vulnerability inside the game according to a report by Checkpoint, a cybersecurity solutions provider.
The vulnerability if exploited would give the attacker complete access to the affected user’s account and their personal information. It also enabled them to make virtual in-game purchases using the affected user’s payment details.
This vulnerability could have been used to get access to any players Fornite account whether it be on Android, iOS, PC, Xbox One or PS4. When taken advantage of this vulnerability the attacker could listen to in-game chatter as well as surrounding sounds and conversations causing a massive invasion of privacy for the victim.
In the report, Checkpoint explains that this vulnerability consisted three flaws in Epic Games web infrastructure. They explained that to become a victim the player will have to click on a phishing link sent via an Epic Games domain, which will be sent by the attacker.
Once the link is clicked, the player’s authentication token will be captured by the attacker, which can then be used to access the player’s account.
Epic Games has fixed this vulnerability caused due to two faulty sub-domains and advise all its users to remain vigilant and practice safe cyber habits. They also recommend that users should enable two-factor authentication to minimise such threats.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines