Critical Authentication Flaw Found in Fortnite’s Login Process Leaking Private InformationFigure 1 Image Credits: The research company Epic Games Security found a major flaw in Fortnite’s authentication system that could jeopardize the private data of all users. The vulnerability essentially allows attackers by tricking users into clicking a link to steal login tokens. Epic Games has already resolved the security issue which means no user action is needed. Thanks to the massive player base dominated by the famous battle royale game, Fortnite has become a major target for cyber criminals. With more than 78.3 million monthly players recently found a crucial vulnerability already patched out. According to Check Point: “With the access token in the attacker’s pocket, he can now log in to the Fortnite account of the user and display any data stored there, including the ability to purchase more in-game currency at the user’s expense. He would also have access to all in-game connections of the player, as well as listen in during gaming conversations. “Despite the fact that the attack is not particularly complicated, people who use the exploit need to have the technical know-how and experience of old domains previously owned by Epic Games. The Fortnite developers have several old subdomains used by attackers to scan for valuable data. Attackers ‘ interest lies mainly in the virtual currency Fortnite, also known as V-Bucks. 1000 V-Bucks is worth $10 but once attackers have access to their victims ‘ financial information, they purchase the digital currency and sell it to other players for a discount. It leads to cyber criminals taking advantage of the transactions while blocking accounts of the victims.