Why Not to Cheat… Tens of Thousands of Fortnite Players Infected by Malware
Popular games have always been one of the best ways for criminals and scammers to trick gamers into downloading malware. From cheating apps to some non-existent future version of the game, we have seen a lot of instances where gamers' enthusiasm has been used to trick them into getting their computers infected. With Fortnite's immense popularity, we have been seeing a number of blog posts and videos claiming to share cheats with players.
All may be fun and games but when you are playing something that has attracted over 100 million players, be wary that many of those cheats and hacks could end up hacking your own machine. Rainway, a game streaming platform, revealed having discovered malicious Windows adware hiding in a cheat that promised players to generate free V-Bucks and aimbot.
If you installed it, the cheat actually installed a self-signed root certificate that could perform a man-in-the-middle (MitM) attack on every website the user visited, generating ad revenues. This malware essentially routed all traffic through a proxy.
"We downloaded hundreds of programs, all claiming to do something to help a player get ahead," Rainway wrote. "While they were all indeed malicious, we were looking for a specific one."
We then spun up a virtual machine and ran the hack, it immediately installed a root certificate on the device and changed Windows to proxy all web traffic through itself. A successful Man in the Middle Attack.
Now, the adware began altering the pages of all web request to add in tags for Adtelligent and voila...
The researchers reported the malware to the unnamed service provider that hosted it, which took it down but confirmed that it had already been downloaded over 78,000 times. In total, Rainway received 381,000 error reports.
Fortnite malware could read, intercept, and tamper with web traffic
While this isn't something new, it goes to show that most of these cheating apps and hacks are designed to entice gamers into downloading malware or adware on their systems. As Rainway reminds, these are no good old times when cheating in games used to be easy. The company also recommended Epic to talk more about the impossibility of cheating in Fortnite to avoid gamers from taking the bait.
"Epic could do a better job at educating their users on these malicious programs and helping them understand how airtight Fortnite's systems are at preventing cheating," Rainway's Andrew Sampson wrote. "I’d also recommend they spend more time moderating YouTube to help take down these videos to avert a countless number of people from pwning themselves. Sometimes the allure of cheating is powerful, and a strong presence is needed to help push people in the right direction."