Fortnite cheating app infects thousands of computers around the world

3 Jul 2018

Still from Fortnite gameplay. Image: Rainway/YouTube

Game streaming service Rainway found adware in a Fortnite hack hosted on YouTube.

Gaming phenomenon Fortnite has attracted more than 100m players worldwide, but the competitive thirst for victory is seeing many people fall foul of malware attacks.

Rainway, a popular game streaming service, noticed unusually high amounts of error reports appearing on its tracker for no clear reason.

According to Rainway CEO Andrew Sampson, the errors were a result of attempted calls to ad platforms – this was immediately suspicious. Sampson wrote: “These are attempts to call various ad platforms; the first thing we should note is, Rainway does not have ads on it, which was an immediate red flag.

“The first URL in particular is JavaScript, which is attempting to act and running into an error, triggering our logging. For security and privacy reasons, we’ve always whitelisted URLs and the scope of what they can do from within Rainway. It seems now it has the unintended side effect of shining a light on a much broader issue.”

Rainway experts examined the affected user base, and they found that all of them played Fortnite.

Researchers found malicious Windows adware hiding in a game cheat purporting to be an aimbot, while promising free in-game currency (V-Bucks). Once installed, it alters Windows to serve its own malicious advertising, creating a man-in-the-middle attack.

Rainway said it had managed to quell the bulk of the attack by having the adware’s host remove the malicious file. The creators of the malware were also booted off at least one advertising platform.

381,000 reports were received by Rainway, with 78,000 downloads logged by the file host.

The exploitation of popular games and other media by malware writers and bad actors is a tried-and-true method, and interest in Fortnite has exploded in recent months.

Duping fans of the battle royale-style shooting game seems to be a growing attack method, as we reported last week. Many gamers have been conned into downloading fake versions of Fortnite for Android (which has not launched yet).

It’s clear from stories like this that users should exercise more restraint, particularly when it comes to downloading content that is not from the official game developer channels.

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects