Fortnite Vulnerability Was Letting Hackers Take Over Accounts

Published: January 16, 2019 12:41 PM /



The popularity of Fortnite has spawned a massive community and revenue stream for developer Epic Games, but it is not without its share of problems.

TechCrunch's Zack Whittaker today published a report on Fortnite being completely vulnerable to hackers who can have the power to hijack a whole players account, meaning the hacker can not only impersonate a player and log in to their account, but they can do this without the need of the players password.

The research, done by Check Point, says that all 200 million players of the game can be affected by this bug, which exploits three different vulnerabilities that, chained together, could have the hacker gain control of the account access token set on the player's device.

All of this was done through a malicious code exploit, where the hacker embeds a link of code on a players server by exploiting a cross-site weakness in the subdomain. Once the codes script loads, it steals the players account token, sending it back to the hacker.

The problem with the exploit is that it is entirely on Epic Games itself, due to how they handle login requests. A detailed video is found on TechCrunch, showing the process of the exploit.

“It’s important to remember that the URL is coming from an Epic Games domain, so it’s transparent to the user and any security filter will not suspect anything,” stated Oded Vanunu, Check Point’s head of products vulnerability research. “If the victim user is not logged into the game, he or she would have to login first. Once that person is logged in, the account can be stolen.”

Epic Games has responded to the problem swiftly, fixing the vulnerability as soon as they were able. Epic Games was unsure how many Fortnite accounts were compromised by the exploit, however, or if any data was actually stolen.

Fortnite, despite being a successful game, has also been a source of constant problems and security breaches. Just yesterday there was a report of cybercriminals exploiting Fortnite's V-Bucks system, a massive problem that security agencies have been combating for months now. Issues such as this exploit only compound the situation further.

What are your thoughts on all of this? Leave your comments below. 

Have a tip, or want to point out something we missed? Leave a Comment or e-mail us at

Me smiling
| Staff Writer

A longtime player of games, creator of worlds, and teacher of minds. Robert has worked many positions over the years, from college professor to education… More about Robert

More Info About This Game
Learn more about Fortnite
Game Page Fortnite
Epic Games
Epic Games
Purchase (Some links may be affiliated)