A recently detailed security flaw in Fortnite was allowing players to access each other’s accounts.
As discovered by Check Point Software Technologies, the vulnerability enables hackers to log into another account to view that user’s personal information, speak to other players under the guise of that user, purchase in-game items and more.
The Check Point researchers said they notified Fortnite developer Epic Games of the bug in November, which was said to be subsequently patched out within a few weeks.
Hackers initiated the attack by emailing players a malicious link that, when clicked on, would give them access to the user’s “login token.” This token could then be used to log into Fortnite on one of the many platforms it’s available on, such as the PlayStation 4, PC or mobile devices.
While the bug has been fixed for a couple of months now, it remains unclear just how many players may have been affected. In a statement to The Verge, Epic did not address the potential number of victims of the flaw.
“We were made aware of the vulnerabilities and they were soon addressed. We thank Check Point for bringing this to our attention,” Epic told The Verge. “As always, we encourage players to protect their accounts by not re-using passwords and using strong passwords, and not sharing account information with others.”
Via: The Verge