Fortnite V-bucks YouTube scams affect tens of thousands of users with malware

Web-based game-streaming platform Rainway, reported that tens of thousands of Fortnite players that have infected their systems with a piece of malware

Must Read

Explained: What gaming options are open for low-spec desktops and laptops

Even if you purchase a low-spec desktop PC or , it’s never a barrier to enjoying some form of gaming

Microsoft partners with Accenture to host virtual startup challenge in India

Microsoft 100X100X100 program that focuses to bring 100 companies and 100 early and growth startups will collaborate with Accenture Ventures Open Innovation program to host Accenture Ventures Challenge

SAP eyes India’s MSMEs with ‘Global Bharat’ program

With the aim to focus on MSMEs market in India, has launched 'Global Bharat' program with Nasscom, UNDP and

Recently a Web-based game-streaming platform Rainway, reported that tens of thousands of players that have infected their systems with a piece of malware that hijacks encrypted Web sessions in order to inject fraudulent ads into every website a user visits.

Rainway CEO Andrew Sampson published a blog post (linked below) in which he said that the company began receiving hundreds of thousands of error reports from its server logs last week and after investigating, the team found that the systems of their users were attempting to connect with various ad platforms.

Since Rainway system allows only whitelisted domains, users can connect only to approved URLs and every ad-related requests got blocked which in return resulted in errors that helped Rainway identify the issue..

As these errors kept flowing in, the company examined the root cause of such errors by analysing what these users had in common. According to the company, their ISPs were different, they did not share any hardware and in fact, their systems were also up to date. There was just one thing that was common – they all played Fortnite.

How were the systems infected?

It was discovered that the affected users had installed cracked versions of Fornite tools which were being advertised through Youtube videos. These tools claimed to generate free V-bucks to give those users an unfair advantage over other players.

However, in reality, these hacks installed a root certificate on the infected computers that allowed hackers modify all network traffic using a man-in-the-middle attack, even if the web session is encrypted.

The hackers leveraged the popularity of the Fortnite game to spread adware that alters the pages of a web request to serve its own ads.

According to the reports, the malware had already been downloaded 78,000 times before it was taken down.

According to Ankush Johar, Director at Infosec Ventures, gamers are often tempted to install these kinds of cheats, cracks, mods etc, however, one thing that should be kept in mind is that – Nothing comes for free. There is almost a 99% certainty that game cheats and hack tools that are available on the internet contain some sort of malware/adware that can affect user’s systems and then used to generate revenue using ads or selling data in the black market, else what’s the benefit to the crackers?

The attack methodology used here i.e. installing a root certificate is one of the most dangerous things an attacker can do. This makes the compromised machines trust the https certificates generated by hackers and show a green lock in the browser even when the certificate is not what its supposed to be. So, a hacker can, in fact, using a man in the middle attack, make users redirect to phishing look-alikes of websites they visit such as Facebook, Gmail etc and users won’t have any idea as the browser will show that the website is trusted.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

- Advertisement -SAP Hana

Related Articles