Bitcoin Stealing Malware Hidden in Cheats for Popular Game “Fortnite”

A recent investigation by Malwarebytes Labs has revealed that malicious code is hidden in a number of purported cheats for the popular video game “Fortnite.” Scammers have tricked gamers into downloading malware with the promise that they are actually downloading a hack that will give them an advantage over other players in the game. The vast majority of these cheat hacks are actually trojan malware files that steal important data from the user, and could even give the hacker access to Bitcoin (BTC) wallets.

The perpetrators of this scam are using YouTube videos about Fortnite to lure gamers into downloading a file containing malware. Some videos also claim to offer free season passes. As you can see below, these videos are all over YouTube, and although some are slowly being taken down, there are always more to replace them.

fortnite.jpg

The malware was traced back to a website with the URL : bt-fortnite-cheats(dot)tk. However, there may be many other mirror sites offering the same downloads.

The download page was messy, but could nonetheless be convincing, especially for younger players. Below is a screenshot of one of the most popular download pages, which has over 1,207 downloads.


fortnite 2.jpg

Fortnite publisher Epic Games has been very aggressive with both hackers and cheaters in the past, even going so far as to sue a 14-year-old who was accused of developing a cheat for the game.

Ongoing Problems

This is not the first time that crypto-related malware has been a problem for Fortnite gamers. Just last year, Epic Games sued a hacker who hid an involuntary Bitcoin miner in a fake “cheat” download. A complaint from Epic Games stated that the malware:

Functions as a bitcoin miner that infects the user’s computer with a virus that causes the user’s computer to mine bitcoin for the benefit of an unknown third party.

This new malware is also very similar to the “Wannamine” malware reported on by CryptoGlobe last month, and, despite the aggressive legal action and threat of malware infection “Fortnite hacks” and “Fortnite cheats” still remain among the top internet searches.

GateHub Data Breach Compromised Crypto Wallet Passwords for 1.4 Million Users

Michael LaVere
  • More than 1.4 million users were affected by the data breach of crypto wallet service GateHub.
  • User email addresses, passwords and two-factor authenticators were posted to the dark web. 

A massive data breach has led to more than 2.2 million users having their password data and personal information posted online, including information from the crypto wallet service GateHub. 

According to a report by Ars Technica published Nov. 19, security researcher Troy Hunt confirmed that more than 2.2 million users had their data posted online in a massive breach of privacy.

Hunt, who is the researcher behind the “Have I Been Pwned” breach notification service, says that 1.4 million accounts from GateHub’s cryptocurrency wallet service were impacted, in addition to 800,000 accounts on the RuneScape bot provider Epic Bot.

The stolen information includes user email addresses, passwords, and two-factor authentication. While the original poster of the 3.72GB GateHub database claimed it included wallet hashes, GateHub officials later disputed the point following an investigation. 

GateHub previously notified users of a hack occurring in July, which resulted in the theft of 23 million XRP. However, the company claimed the data compromise had been limited to around 18,000 user accounts, far from the 1.4 million that have recently been posted to the dark web. 

Featured Image Credit: Photo via Pixabay.com