Earlier this month, the team of engineers at game-streaming program Rainway swiftly located a malware that had crept into the computer systems of users playing games, but by then, several thousands of systems were already compromised.
They went about methodically eliminating the source of the malware one by one before they found out it was the video game Fortnite that was used by the hackers to make the entry.
In their over-enthusiasm, the players fell prey to the hacker’s sugar-coated offer of freebies in the Fortnite game that they thought were for real but turned out to be a trick or a fraud.
Given the popularity of Fortnite, which has garnered a user base of 125 million players as of last month, the adware was able to attract tens of thousands of downloads before it was swiftly removed from the Rainway platform.
Games and Adware Can Be Vulnerable Targets
Those who play games like Fortnite, largely young people, are so keen to post wins that they grab every opportunity that can give them advantage in the game.
And in this case, the hackers that created the malware promised unsuspecting users V-Bucks, the currency used in Fortnite, which could be used to make in-game purchases.
This is the weakness that the hacker on the Rainway platform exploited to gain access to victims’ systems. What triggered the remedial action by Rainway was the flurry of error reports that landed on their tracker.
Their security team immediately set about locating the culprit. With there being no uniformity among the different players of the game—in terms of the devices they are using and the software they were working on—if there is a uniform type of error being reported, then the issue lay elsewhere.
This is how the security team could realize the problem was not through their platform or app, but it was a program targeting Fortnite players in particular.
The malicious program acquired 78,000 downloads in total.
The Rainway Team Responds
In an official blog post, the Rainway security team shared the details of how they addressed the attack.
Their first check was on their website and they found nothing wrong there. At the next level, they found the complaint reports being received showed that there was no uniformity in any of the key factors affecting the attack.
Factors such as hardware or internet service providers were different in each complaint case, showing that the only commonality in all the complaints was that they were all playing Fortnite when the error surfaced.
That’s when the idea of checking on the cheat code sites struck and the security team quickly went about checking as many cheat sites as possible to analyze the data.
They eventually managed to locate the hacker who was promising attractive advantages to Fortnite players. Through this, the team found that this was a typical Man-in-the-Middle (MITM) attack.
Users Warned/Advised of the Appropriate Action
Many gaming enthusiasts are quick to accept downloads that contain free benefits with which they can win more rounds of the game.
The moment they admit or accept the download, they fall into the hands of the hacker who would then infect the system and cause damage.
Rainway has now sent out a notice to users that they must not get lured by these deceitful offers of freebies by people with malicious intentions.
They must use logic that if it is indeed true that they are being offered something for free, then there could be a catch somewhere and the person could have some ulterior motive in making the offer.
From its side, Rainway has further strengthened the platform’s security. They are now giving an assurance that the MITM attacks will not be allowed to be facilitated.
Users can feel confident if they receive such notices from the official game developer, but if it is from any other source, it must not be downloaded or accepted.
This way, the user will be able to avoid the kind of adware that’s targeting their systems.