Malicious adware has been discovered in a popular Fortnite hack after it was downloaded more than 78,000 times.
The discovery came after game streaming platform Rainway found its tracker flooded by “hundreds of thousands of error reports.” According to platform CEO Andrew Samson, each involved calls to various ad platforms, and all were coming from users playing Fortnite.
Samson decided to do some digging, and the team started trawling through popular Fortnite hacks to find the culprit. Creating a small tool to sift through dozens of downloads, sourcing from YouTube hack and cheat videos, Rainway eventually found the guilty software “after hours of painstaking searching.”
A tool promising free V-Bucks - Fortnite’s in-game currency - and aimbot in a 2-in-1 package was found to be immediately installing a root certificate on the user’s device, changing Windows to proxy all web traffic through itself.
Samson sent an abuse report to the file host, removing the download immediately. Unfortunately, the file had already been download over 78,000 times. Rainway also contacted Adtelligent to report the keys linked to the URLs, with no response. Springserve, on the other hand, quickly co-operated to remove identify and remove the abusive keys from their platform.
“Epic could do a better job at educating their users on these malicious programs and helping them understand how airtight Fortnite’s systems are at preventing cheating,” said Sampson. “I’d also recommend they spend more time moderating YouTube to help take down these videos to avert a countless number of people from pwning themselves.
“Sometimes the allure of cheating is powerful, and a strong presence is needed to help push people in the right direction.”
Samson detailed the full process used to discover and shut-down the malicious software in this blog post.