Fortnite is currently one of the most popular video games in the world, with reports suggesting that 125 million people are active players.
Malwarebytes has investigated the game’s online ecosystem and found that “con artists” are sneaking malicious data theft code into downloads that apparently promise “free” season six Fortnite Android versions, among other “bogus cheats, wallhacks and aimbots.” So-called “free V-Bucks” – an in-game currency that can be used to purchase additional gaming content – also conceal malicious packages of code, according to the investigation.
Malwarebytes found that these deceptive links are promoted via scammers’ YouTube channels, which redirect users to downloads that conceal the malware. For one malicious file, the investigation reportedly found that over 1,200 downloads had already been completed; Malwarebytes’ detection methods identified the file as “Trojan.Malpack,” and found that it was a data stealer targeting Bitcoin wallets, browser session information, cookies, and other data.
The file in question reportedly attempted to redirect the siphoned information “via a POST command to an /index.php file in the Russian Federation, courtesy of the IP address 5(dot)101(dot)78(dot)169.”
Malwarebytes further warned that the readme file accompanying the malware advertises the option to purchase more Fortnite game cheats “for $80 Bitcoin.” The investigation noted that other types of suspiciously packaged code use a process known as “Stealer.exe,” and post the ill-gotten data “to /gate.php instead of index.php.”
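For defenders, the exfiltration pattern reported above (an HTTP POST to `/index.php` or `/gate.php` on a bare IP address) can be hunted for in web proxy logs. The following is an added example, not code from Malwarebytes or the original article; the five-field log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Indicators quoted in the article (the IP is defanged there).
DEFANGED_IP = "5(dot)101(dot)78(dot)169"
GATE_PATHS = {"/index.php", "/gate.php"}

def refang(indicator: str) -> str:
    """Turn a defanged indicator such as 1(dot)2[.]3 back into dotted form."""
    for token in ("(dot)", "[dot]", "[.]", "(.)"):
        indicator = indicator.replace(token, ".")
    return indicator

KNOWN_IP = ipaddress.ip_address(refang(DEFANGED_IP))

def classify(line: str):
    """Return None, 'suspect' or 'known-ioc' for one line in the assumed
    format: timestamp client method url status."""
    parts = line.split()
    if len(parts) != 5:
        return None
    method, url = parts[2], parts[3]
    target = urlsplit(url)
    try:
        host = ipaddress.ip_address(target.hostname or "")
    except ValueError:
        return None  # a DNS name, not a bare IP literal
    if method.upper() != "POST" or target.path.lower() not in GATE_PATHS:
        return None
    return "known-ioc" if host == KNOWN_IP else "suspect"

def scan(log_text: str):
    """Yield (client, url, verdict) for every flagged log line."""
    for line in log_text.splitlines():
        verdict = classify(line)
        if verdict:
            yield line.split()[1], line.split()[3], verdict

# Constructed sample lines; 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = f"""\
2018-10-03T10:01:12Z 10.0.0.21 GET http://example.com/index.php 200
2018-10-03T10:01:15Z 10.0.0.21 POST http://{KNOWN_IP}/index.php 200
2018-10-03T10:02:40Z 10.0.0.34 POST http://198.51.100.7/gate.php 200
2018-10-03T10:03:02Z 10.0.0.34 POST http://example.com/gate.php 404
2018-10-03T10:03:09Z 10.0.0.50 POST http://192.0.2.9/upload 200
"""

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

A "suspect" verdict is only a lead for triage: POSTs to PHP endpoints on raw IPs also occur in legitimate traffic, so correlate with the originating process or download history before acting.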
As previously reported, multiple cybercrime threat analyses this year have emphasized the rising popularity of crypto mining malware – or cryptojacking – among hackers. In late September, McAfee Labs released data suggesting that total samples of one type of such malware known as “coin miner” had risen by 86 percent in the second quarter of 2018.