Tech 4 October 2018

Dennis Wafula

Malware disguised as cheat tools steals crypto from Fortnite players

When the sixth season of popular video game Fortnite dropped, fans rejoiced. And opportunists tried to cash in too—by developing a cryptocurrency- and data-stealing malware posing as game cheat tools.

Malwarebytes Labs discovered the malware in YouTube videos offering “free” season passes and “free” versions of the game, according lead malware intelligence analyst Christopher Boyd.

In a blog post, Boyd noted, “We sifted through a sizable mish-mash of free season six passes, supposedly ‘free’ Android versions of Fortnite, which were leaked out from under the developer’s noses, the ever-popular blast of ‘free V-Bucks’ used to purchase additional content in the game, and a lot of bogus cheats, wallhacks, and aimbots.”

The discovery process involved going through several steps, including subscribing to a YouTube channel, before being redirected to a different site and then filling a survey before downloading the malware disguised as a cheat tool.

The videos were titled in an inviting manner. One video was called, “New Season 6 Fortnite Hack Cheat Free Download September 2018 / WH / Aimbot/ Undetectable.” Another one was titled, “Fortnite Hack Free Download,” and yet another was titled “Fortnite Cheat.” One video had 120,892 views before it was removed for breaching YouTube’s spam policy.

Boyd said passing the malware off as a cheat tool is not new—the practice has been seen for decades and is capable of doing significant damage to computer systems.

The initial .exe file runs on the target system then enumerates the details of the infected computer. After this, it sends data via a POST command to a file in Tel Aviv. Boyd noted that a lot of data is vulnerable to theft since the malware examines bitcoin wallets, Steam sessions, cookies, and information tied to browser sessions. The malware includes a readme file that advertises the ability to purchase additional Fortnite scams for ‘$80 Bitcoin’.

In as much as one may be tempted to cheat at Fortnite, Boyd advises users to avoid the temptation to download cheats.

“Offering up a malicious file under the pretense of a cheat is as old school as it gets, but that’s never stopped cybercriminals before. In this scenario, would-be cheaters suffer a taste of their own medicine via a daisy chain of clickthroughs and (eventually) some malware as a parting gift,” he wrote. “Winning is great, but it’s absolutely not worth risking a huge slice of personal information to get the job done.”

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

Blockchain analyst CipherBlade criticizes WSJ journalism, or lack thereof

Tech 22 March 2019

Blockchain analyst CipherBlade criticizes WSJ journalism, or lack thereof

CipherBlade, a blockchain investigation firm, has concluded that the Wall Street Journal (WSJ) has overstated its previous claims about the cryptocurrency exchange ShapeShift.

Read More
Unwriter announces Bottle, a Bitcoin browser

Tech 22 March 2019

Unwriter announces Bottle, a Bitcoin browser

Looking to find a way out of the world wide web, Unwriter has released Bottle, a new browser exclusively for the Bitcoin SV network.

Read More
Money Button CEO: How to upload large files to Bitcoin SV blockchain

Tech 22 March 2019

Money Button CEO: How to upload large files to Bitcoin SV blockchain

OP_Return has a 100KB upload limit, but Ryan X Charles will show you how you can upload much larger files with a new tool from Money Button.

Read More