Crucial Authentication Vulnerability Found in Fortnite’s Login Framework Leaking Private DataFigure 1 Picture Credits: The research company Epic Games Security found a major weakness in Fortnite’s authentication system that could jeopardize the private data of all users. The vulnerability essentially allows attackers by tricking users into clicking a link to steal login tokens. Epic Games has already fixed the security issue which means no user action is needed. Thanks to the massive player base dominated by the famous battle royale game, Fortnite has become a major target for cyber criminals. Recently, with more than 78.3 million monthly players found a crucial vulnerability already patched out. According to Check Point: “With the access token in the attacker’s pocket, he can now sign in to the Fortnite account of the user and display any data stored there, including the ability to purchase more in-game currency at the user’s expense. He would also have access to all in-game contacts of the player, as well as listen in during gaming conversations. “While the attack is not particularly complicated, people who use the exploit need to have the technical know-how and knowledge of the old territories once held by Epic Games. The Fortnite developers have several old subdomains used by attackers to scan for valuable data. Attackers ‘ interest lies mainly in the virtual currency Fortnite, also known as V-Bucks. 1000 V-Bucks is worth $10 but once attackers have access to their victims ‘ financial information, they purchase the digital currency and sell it to other players for a discount. This leads to cyber criminals taking advantage of the transactions while blocking accounts of the victims.