Crypto-Malware Allows Scammers to Steal Bitcoin Through Fortnite

The popular video game has become the target of Russian hackers looking to scam players out of their BTC.


Epic Game’s smash hit Fortnite has become the target of crypto-malware. Russian hackers have used the popular multiplayer video game to scam players out of their Bitcoin.

Fortnite is one of the most successful contemporary video games, and has attracted over 125 million players as of June 2018. The malware took advantage of the launch of the game’s Sixth Season.

According to research conducted by Malwarebytes Labs, cybercriminals have developed malware disguised as a cheat tool for the popular game. The hack steals user data and bitcoin from Fortnite gamers, and is advertised through YouTube videos offering “free” season passes and “free” versions of Epic’s hit for Android. Downloading the malware required viewers to go through numerous steps, including subscribing to a YouTube channel, being redirected to a different site, and taking a survey.

The videos bore titles such as “New Season 6 Fortnite Hack Cheat Free Download September 2018 / WH / Aimbot/ Undetectable.”, “Fortnite Hack Free Download,” or simply “Fortnite Cheat.” Although YouTube was quick to take down most of the videos, some still managed to get over 120,000 views.

“Offering up a malicious file under the pretense of a cheat is as old school as it gets, but that’s never stopped cybercriminals before,” said Malwarebyte’s lead intelligence analyst Christopher Boyd in a blog post. “In this scenario, would-be cheaters suffer a taste of their own medicine via a daisy chain of clickthroughs and (eventually) some malware as a parting gift.”

Data Vulnerabilities

Malwarebytes detected the tool as ‘Trojan.Malpack’, a generic detection given to suspicious file packages. Upon further research, researchers determined the malware to be a data stealer.

“Once the initial .EXE runs on the target system, it performs some basic enumeration on details specific to the infected computer,” Boyd described the process. “It then attempts to send data […] to an /index.php file in the Russian Federation.”

Some of the most notable things it takes an interest in are browser session information, cookies, Bitcoin wallets, and also Steam sessions.

The stolen data included information on browser and Steam sessions, cookies, as well as Bitcoin wallets. In addition, the “cheat tool’s” ReadMe file entices players to purchase additional Fortnite cheats for “$80 Bitcoin.”

While the subject of this blog probably isn’t that new, it’s still going to do a fair bit of damage to anyone that runs it. Combining it with the current fever for new Fortnite content is a recipe for stolen data and a lot of cleanup required afterward.

Boyd summarized that the malware is capable of doing ‘a fair bit of damage’ to players who’ve downloaded it.

“Given how things up above panned out, we’d advise anyone tempted to cheat to steer well clear of this one,” warned the researcher in his blog post. “Winning is great, but it’s absolutely not worth risking a huge slice of personal information to get the job done.”

Bitcoin (BTC) $ 35,976.00
Ethereum (ETH) $ 2,234.68
Tether (USDT) $ 1.00
Binance Coin (BNB) $ 338.64
Cardano (ADA) $ 1.43
Dogecoin (DOGE) $ 0.294134
XRP (XRP) $ 0.802279
USD Coin (USDC) $ 0.998053
Polkadot (DOT) $ 21.32
Uniswap (UNI) $ 20.57