Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information as well as enabling them to purchase virtual in-game currency using the victim’s payment card details. The vulnerability would also have allowed for a massive invasion of privacy as an attacker could listen to in-game chatter as well as surrounding sounds and conversations within the victim’s home or other location of play.
Commenting on this, Sam Curry, chief security officer at Cybereason, said ‘Tens of millions of gamers play Fortnite regularly, and there have been many previously reported historic breaches of gaming platforms, so when you add everything up consumers are at risk. This isn’t likely to change anytime soon because as long as criminals can make money off the back of gamers, a lot personal information is likely to be continually stolen. It shouldn’t surprise anyone that consumers are oftentimes the weakest link in today’s cyber crime ecosystem and end up as pawns in a game of cyber chess, because they are by far the most vulnerable.
To minimise online gaming risks, consumers should never open emails from the vendors asking for personal information, a password update or other account information. And they should strengthen their passwords to minimise the risk of hackers cracking them. The days of having passwords such as ‘123456,’ ‘password’ or ‘cat’ should be long gone, but unfortunately that isn’t always the case.”