Incident: Malware-infected Fortnite Hack Leads to Data Breach and Ad Revenue.

Published Date: 2018-07-05

Postmortem Analysis
Timeline
1. The software failure incident where thousands of Fortnite players installed malware on their PCs after attempting to cheat happened in July 2018 [73621].

System
1. Fortnite game software
2. Hack software containing malware
3. Root certificate installation software
4. Windows operating system
5. Web browsers
6. Ad platform used by hackers
7. Virtual machine software
8. Man-in-the-middle attack software
9. Display advertisement software
10. Web traffic monitoring software
11. Payment details security measures

Responsible Organization
1. Hackers who laced the cheat download with malware [73621]
2. Malware developers who created the malicious software [73621]

Impacted Organization
1. Thousands of video game players who downloaded the hack [73621]

Software Causes
1. The software failure incident was caused by Fortnite players downloading a hack to their computers which promised in-game currency for free, but was laced with malware, infecting thousands of computers [73621].
2. The malware allowed hackers to execute a 'man-in-the-middle' attack, intercepting and monitoring web traffic between players and the server, exposing private information including bank details [73621].
3. The malware also changed Windows settings to proxy all web traffic through itself, enabling hackers to run their own display advertisements on players' computers, generating revenue for cyber criminals [73621].

Non-software Causes
1. The failure incident was caused by players attempting to cheat in the game Fortnite by downloading a hack that promised free in-game currency instead of using in-app purchases [73621].
2. The hack downloaded by players was laced with malware, which infected thousands of computers and allowed hackers to place their own advertisements inside players' web browsers [73621].
3. The malware targeted at Fortnite players was able to execute a 'man-in-the-middle' attack, allowing hackers to intercept and monitor web traffic, potentially exposing players' private information, including bank details [73621].

Impacts
1. Thousands of Fortnite players inadvertently installed malware on their PCs while attempting to cheat in the game, leading to their computers being infected [73621].
2. The malware allowed hackers to place their own advertisements in players' web browsers, potentially exposing private information such as payment details [73621].
3. The malware executed a 'man-in-the-middle' attack, enabling hackers to intercept and monitor web traffic, exposing players' sensitive information [73621].
4. The malicious advertisements generated revenue for cybercriminals, impacting the affected players financially [73621].
5. Game-streaming company Rainway took action to remove hackers from the ad platform, preventing future revenue from the scam and mitigating further impacts [73621].

Preventions
1. Implementing robust security measures to prevent unauthorized access and downloads of third-party software, especially cheats or hacks, which could potentially contain malware [73621].
2. Conducting regular security audits and vulnerability assessments to detect and address any potential weaknesses in the system that could be exploited by hackers [73621].
3. Educating users about the risks of downloading unofficial software and emphasizing the importance of sticking to official sources for game-related downloads to avoid malware infections [73621].

Fixes
1. Removing the malware from infected computers and ensuring all affected players have cleaned their systems thoroughly to eliminate any traces of the malware [73621].
2. Educating Fortnite players about the risks of downloading unofficial software that promises paid-for features for free and advising them to avoid such downloads in the future [73621].
3. Enhancing cybersecurity measures within the Fortnite game to prevent similar malware attacks in the future, such as improving detection mechanisms for unauthorized software downloads [73621].

References
1. Security experts at game-streaming platform Rainway [73621]

Software Taxonomy of Faults

| Category | Option | Rationale |
|---|---|---|
| Recurring | multiple_organization | (a) The software failure incident related to the malware attack on Fortnite players due to downloading a hack promising free in-game currency was discovered by security experts at game-streaming platform Rainway [73621]. This incident highlights a failure within the security measures of the Fortnite game, indicating a vulnerability that allowed hackers to exploit the system. (b) The incident of malware being distributed to Fortnite players through a hack promising free in-game currency could potentially serve as a warning for other online gaming platforms and services. It showcases the risks associated with downloading unofficial software that claims to provide paid features for free, as it can lead to malware infections and security breaches [73621]. Other organizations offering online games or services may need to be vigilant against similar attacks and educate their users about the risks of downloading unauthorized software. |
| Phase (Design/Operation) | design, operation | (a) The software failure incident related to the design phase was due to the development of a hack that promised Fortnite players in-game currency for free, instead of using in-app purchases. This hack was laced with malware, which infected thousands of computers and allowed hackers to place their own advertisements inside players' web browsers, making money each time they were viewed. The malware executed a 'man-in-the-middle' attack, intercepting and monitoring web traffic, potentially exposing players' private information like payment details [73621]. (b) The software failure incident related to the operation phase was due to players downloading and installing the malicious hack onto their PCs, thinking they were gaining an advantage in the game. This operation, which involved the misuse of unofficial software claiming to enable paid-for features for free, led to the installation of malware on the players' devices. The operation of downloading and running the hack allowed the malware to execute its malicious activities, including intercepting web traffic and running unauthorized advertisements on players' computers [73621]. |
| Boundary (Internal/External) | within_system, outside_system | (a) The software failure incident related to the Fortnite hack can be categorized as within_system. The incident involved players downloading a hack promising free in-game currency, which turned out to be malware that infected their computers. The malware allowed hackers to execute a 'man-in-the-middle' attack, intercepting and monitoring web traffic between the players and the server. This indicates that the failure originated from within the system, as the malware was introduced through the hack downloaded by the players [73621]. (b) Additionally, the incident also involved hackers placing their own advertisements inside players' web browsers to make money each time they were viewed. This aspect of the incident, where external entities (hackers) were able to exploit the system for financial gain, can be considered as contributing factors originating from outside the system [73621]. |
| Nature (Human/Non-human) | non-human_actions, human_actions | (a) The software failure incident in Article 73621 occurred due to non-human actions. Thousands of Fortnite players inadvertently installed malware on their PCs after downloading a hack promising free in-game currency. The malware injected itself into the secure connection between the players and the server, allowing hackers to intercept and monitor web traffic, potentially exposing private information like payment details [73621]. |
| Dimension (Hardware/Software) | software | (a) The software failure incident reported in the article was primarily due to contributing factors originating in software. Thousands of Fortnite players downloaded a hack promising free in-game currency, which was actually laced with malware, allowing hackers to place their own advertisements in players' web browsers and potentially siphon private information [73621]. (b) The software failure incident was not directly attributed to hardware issues but rather to the malicious software that was downloaded by players [73621]. |
| Objective (Malicious/Non-malicious) | malicious | (a) The software failure incident in this case was malicious. Hackers created a hack promising free in-game currency for Fortnite players, but the download was laced with malware that infected thousands of computers. This malware allowed hackers to execute a 'man-in-the-middle' attack, intercepting and monitoring web traffic, potentially exposing private information like payment details [73621]. |
| Intent (Poor/Accidental Decisions) | accidental_decisions | (a) The intent of the software failure incident was accidental_decisions. Thousands of video game players accidentally installed malware on their PCs after attempting to cheat in Fortnite by downloading a hack that promised free in-game currency [73621]. |
| Capability (Incompetence/Accidental) | development_incompetence, accidental | (a) The software failure incident reported in Article 73621 was due to development incompetence. Thousands of Fortnite players accidentally installed malware on their PCs after attempting to cheat in the game by downloading a hack that promised free in-game currency instead of using in-app purchases. The hack was laced with malware that infected thousands of computers, allowing hackers to place their own advertisements inside players' web browsers and potentially siphon private information like payment details. The malware executed a 'man-in-the-middle' attack, intercepting and monitoring web traffic, exposing players' private information and enabling hackers to run their own display advertisements on players' computers [73621]. (b) The software failure incident was also accidental in nature, as players unknowingly downloaded the hack thinking it would provide them with free in-game currency. The unintended consequence of this action was the installation of malware on their PCs, leading to the exploitation of their web traffic and potential exposure of sensitive information [73621]. |
| Duration | permanent | (a) The software failure incident in the article is more of a permanent nature. The malware that infected thousands of computers of Fortnite players was designed to execute a 'man-in-the-middle' attack, allowing hackers to intercept and monitor web traffic, potentially exposing private information like bank details [73621]. This type of attack permanently compromises the security and privacy of the affected computers unless proper measures are taken to remove the malware and secure the systems. |
| Behaviour | crash, omission, value, other | (a) crash: The software failure incident in the article can be categorized as a crash. The malware installed by Fortnite players caused their computers to lose control over the web traffic, allowing hackers to intercept and monitor the data flow. This resulted in a system crash where the intended functions of secure web browsing were compromised [73621]. (b) omission: The software failure incident can also be linked to omission. The malware omitted to perform the intended function of secure web browsing by allowing unauthorized third parties to intercept and manipulate the data flow between the players' computers and the servers. This omission led to the compromise of users' private information and potential financial details [73621]. (c) timing: The timing of the software failure incident is not explicitly mentioned in the article. Therefore, it is unknown if the failure was related to the system performing its intended functions correctly but at the wrong time. (d) value: The software failure incident can be associated with a failure in value. The malware installed by players promised to provide in-game currency for free, which was an incorrect and deceptive function. Instead of delivering the promised value, the software led to the installation of malware on the users' computers, compromising their security and potentially exposing sensitive information [73621]. (e) byzantine: The software failure incident does not exhibit characteristics of a byzantine failure where the system behaves erroneously with inconsistent responses and interactions. The incident primarily involved the installation of malware that allowed hackers to manipulate web traffic and display unauthorized advertisements, rather than exhibiting inconsistent behavior [73621]. (f) other: The software failure incident can be categorized as a security breach. The malware installed by players not only compromised the security of their computers but also allowed hackers to insert themselves into the secure connection between the players and the servers. This unauthorized access and manipulation of data flow represent a significant security breach in addition to a system failure [73621]. |

IoT System Layer

| Layer | Option | Rationale |
|---|---|---|
| Perception | None | None |
| Communication | None | None |
| Application | None | None |

Other Details

| Category | Option | Rationale |
|---|---|---|
| Consequence | property, theoretical_consequence | (d) property: People's material goods, money, or data was impacted due to the software failure. The software failure incident involving Fortnite players downloading malware-infected hacks resulted in hackers being able to place their own advertisements inside players' web browsers, generating revenue each time they were viewed. Additionally, the malware allowed hackers to siphon private information from users' browsing history, potentially including payment details [73621]. |
| Domain | entertainment | (a) The software failure incident reported in Article 73621 is related to the entertainment industry. The incident involved thousands of Fortnite players downloading a hack that promised in-game currency for free, leading to malware infecting their computers and potentially exposing private information [73621]. The game Fortnite is described as a battle royale-style survival shooter where players compete against each other on a dystopian island [73621]. The incident highlights the risks associated with downloading unofficial software in the gaming and entertainment sector. |
