Children playing Fortnite were exposed to a potential “massive invasion of privacy” thanks to an oversight in the game’s security, researchers have revealed.
The popular shooting game enjoyed by more than 80 million people around the world left users vulnerable to a flaw that if exploited, allowed hackers to steal virtual currency and read private conversations online. The bug was fixed in mid-December, according to researchers who shared their findings with Fortnite’s developer, Epic Games.
To take control, the researchers sent a message to their victim over social media including a malicious link. Once clicked, the user’s Fortnite authentication token – code that confirms a user is logged in – could be captured by the attacker without the user entering their username or password.