Bitcoin Stealing Malware Hidden in Cheats for Popular Game “Fortnite”

A recent investigation by Malwarebytes Labs has revealed that malicious code is hidden in a number of purported cheats for the popular video game “Fortnite.” Scammers have tricked gamers into downloading malware with the promise that they are actually downloading a hack that will give them an advantage over other players in the game. The vast majority of these cheat hacks are actually trojan malware files that steal important data from the user, and could even give the hacker access to Bitcoin (BTC) wallets.

The perpetrators of this scam are using YouTube videos about Fortnite to lure gamers into downloading a file containing malware. Some videos also claim to offer free season passes. As you can see below, these videos are all over YouTube, and although some are slowly being taken down, there are always more to replace them.


The malware was traced back to a website with the URL : bt-fortnite-cheats(dot)tk. However, there may be many other mirror sites offering the same downloads.

The download page was messy, but could nonetheless be convincing, especially for younger players. Below is a screenshot of one of the most popular download pages, which has over 1,207 downloads.

fortnite 2.jpg

Fortnite publisher Epic Games has been very aggressive with both hackers and cheaters in the past, even going so far as to sue a 14-year-old who was accused of developing a cheat for the game.

Ongoing Problems

This is not the first time that crypto-related malware has been a problem for Fortnite gamers. Just last year, Epic Games sued a hacker who hid an involuntary Bitcoin miner in a fake “cheat” download. A complaint from Epic Games stated that the malware:

Functions as a bitcoin miner that infects the user’s computer with a virus that causes the user’s computer to mine bitcoin for the benefit of an unknown third party.

This new malware is also very similar to the “Wannamine” malware reported on by CryptoGlobe last month, and, despite the aggressive legal action and threat of malware infection “Fortnite hacks” and “Fortnite cheats” still remain among the top internet searches.

Ravencoin Vulnerability Allowed Attackers to Increase Total Supply by 1.5%

Attackers have exploited a vulnerability found in Ravencoin, an open-source fork of Bitcoin that launched in 2018, to generate extra RVN tokens “beyond the coinbase of 5000 RVN per block.”

According to a Medium post published by Ravencoin lead developer Tron Black, community members from the CryptoScope team reached out to the Ravencoin team with the findings. Both teams then worked together to stop the exploit from being leaked, and started “code review to detect, isolate, and fix the issue.” The post reads:

A community code submission caused a bug that has been exploited. Law enforcement has been notified and is working with us. The vulnerability does not allow the stealing of RVN or assets that you own and control, but the minting did create RVN that should not exist.

In total, the extra coins that were minted beyond Ravencoin’s total 21 billion supply are the equivalent of 44 days worth of mining, or about 1.5% of the RVN tokens that will ever exist. Black’s suggestion on the post was for the community to absorb the economic cost of the extra tokens, or to move the halving 44 days earlier.

He added the minted RVN tokens were moved to an exchange and traded, and as a result were mixed with other circulating RVN tokens. This means that trying to burn the tokens, even if with community backing, will “cause irreparable harm to innocent victims.”

The burden, Black added, is currently being shared across all RVN holders in proportion to their holdings in the form of inflation. The developer urged users to keep trading to a minimum until a fix is issued. Details on the vulnerability will not be revealed until the fix is implemented.

Featured image by Tyler Quiring on Unsplash.