V-bucks YouTube scams affect tens of thousands of users with malware

Web-based game-streaming platform Rainway, reported that tens of thousands of Fortnite players that have infected their systems with a piece of malware

Must Read

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

How tech bolster security of online gaming platforms

The rise of and is evident throughout the world’s financial capitals with the UK, US, and a few other European nations at the forefront

Explained: The evolving nature of cybersecurity threats

Concerns such as hacking and the presence of computer viruses have existed for decades in one form or another. As technology evolved over the years, so did the cybersecurity  threats themselves.

Recently a Web-based game-streaming platform Rainway, reported that tens of thousands of players that have infected their systems with a piece of malware that hijacks encrypted Web sessions in order to inject fraudulent ads into every website a user visits.

Rainway CEO Andrew Sampson published a blog post (linked below) in which he said that the company began receiving hundreds of thousands of error reports from its server logs last week and after investigating, the team found that the systems of their users were attempting to connect with various ad platforms.

Since Rainway system allows only whitelisted domains, users can connect only to approved URLs and every ad-related requests got blocked which in return resulted in errors that helped Rainway identify the issue..

As these errors kept flowing in, the company examined the root cause of such errors by analysing what these users had in common. According to the company, their ISPs were different, they did not share any hardware and in fact, their systems were also up to date. There was just one thing that was common – they all played Fortnite.

How were the systems infected?

It was discovered that the affected users had installed cracked versions of Fornite tools which were being advertised through Youtube videos. These tools claimed to generate free V-bucks to give those users an unfair advantage over other players.

However, in reality, these hacks installed a root certificate on the infected computers that allowed hackers modify all network traffic using a man-in-the-middle attack, even if the web session is encrypted.

The hackers leveraged the popularity of the Fortnite game to spread adware that alters the pages of a web request to serve its own ads.

According to the reports, the malware had already been downloaded 78,000 times before it was taken down.

According to Ankush Johar, Director at Infosec Ventures, gamers are often tempted to install these kinds of cheats, cracks, mods etc, however, one thing that should be kept in mind is that – Nothing comes for free. There is almost a 99% certainty that game cheats and hack tools that are available on the contain some sort of malware/adware that can affect user’s systems and then used to generate revenue using ads or selling data in the black market, else what’s the benefit to the crackers?

The attack methodology used here i.e. installing a root certificate is one of the most dangerous things an attacker can do. This makes the compromised machines trust the https certificates generated by hackers and show a green lock in the browser even when the certificate is not what its supposed to be. So, a hacker can, in fact, using a man in the middle attack, make users redirect to phishing look-alikes of websites they visit such as Facebook, Gmail etc and users won’t have any idea as the browser will show that the website is trusted.

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Leave a Reply

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Sapience Analytics signs distribution agreement with Redington

Sapience Analytics and Redington said that they have entered into a distribution agreement where latter will resell the Sapience Vue solution through its network of over 30,000 channel partners, system integrators, and value-added resellers countrywide.
- Advertisement -SAP Hana

Related Articles