Security investigators were able to steal access tokens attacking an Epic Games subdomain
According to network security and ethical hacking specialists from the International Institute of Cyber Security, a recently discovered vulnerability in the account authentication system of Epic Games for the popular videogame Fortnite left exposed the gamers’ accounts. According to reports, malicious users could have stolen login tokens; the attackers only needed the victims to click on a specially crafted link.
A cross-site scripting (XSS) attack, in conjunction with an invalidated subdomain, enabled cybersecurity experts to evade the protection measures implemented by the login control system used to access Fortnite.
“Single Sign-On (SSO) systems may be useful, but only while the platform accessed is not vulnerable”, as considered by network security experts. When properly implemented, user authentication passes into the hands of a third party developer, which authorizes access to the platform via a one-use token.
For the attack to succeed, the victim is required to click on a specially crafted phishing link. When the victim accesses Fortnite, the login page is redirected to the attacker’s website, where the token will be stolen. This attack may not be the most elaborated one, but attackers require certain technical expertise beyond those required to deploy phishing campaigns or brute force attacks.
As an attack of average complexity, the investigators do not rule out that the vulnerability has been exploited in the wild, although this is hardly verifiable. On the other hand, Epic Games issued a statement mentioning that the vulnerability was corrected in early December 2018, but omitted to mention whether there are any evidence that the bug has been exploited at some point.
Fortnite has become incredibly popular, with almost 80 million players a month, plus about 200 million players registered on the platform.