Monday , August 19 2019
Home / taiwan / "Fortress hero" is incomplete! Hackers Can Easily Steal Player Information | Games | New Head Shell Newtalk

"Fortress hero" is incomplete! Hackers Can Easily Steal Player Information | Games | New Head Shell Newtalk



Security vendor

Security Point Check Check today (30) Announced vulnerability of popular online action survival game "Fortnet Hero" (Fortnite).

Security Point Check Check Today (30) Announced Vulnerability of Popular Online Survival Game Forttite Warned that All Game Players Can Become Victims of Vulnerability.

Fortress Heroes has nearly 80 million players worldwide and is loved by all players, including Android, iOS, Microsoft Windows computers and platforms like Xbox One and PlayStation 4. In addition to amateur players, Fortress Hero is also a professional player to play online games, and it is very popular among e-sports enthusiasts. When a vulnerability is exploited, the attacker can fully retrieve the user account and personal information and use the payment method they apply to buy the virtual gaming currency.

In addition, vulnerability can also lead to privacy violations as the attacker can listen to the victim during chat conversations, even sounds and conversations at home or other gaming locations. Fortress Heroes players have previously been deceived and instructed to connect to counterfeit websites that promise to generate a V-Buck gaming currency and these new vulnerabilities can be hacked without player input. To use.

The checkpoint, the insurance vendor, outlines how an attacker can exploit the vulnerability detected by the Fortress Hero user login process to obtain a user account. Researchers have identified three vulnerabilities in the network infrastructure of Epic Games to understand how attackers can use symbol-based authentication processes and one sign-on, such as Facebook, Google and Xbox (SSO system steals user credentials and accounts.

Players who click on seemingly transparent phishing links from the Epic Games domain and attackers will be attacked. By clicking on a link, an attacker can easily perceive his Fortress Hero identity token without even entering login credentials. Researchers at the research point point out that the potential vulnerabilities found in the two Epic Game subsectors that are susceptible to abuse will allow the hacker to take over the user's legitimate authentication token using the attacked subdomain.

Oded Vanun, Head of Check Point Vulnerability, said: "Fortress hero is one of the most popular games among online players. These shortcomings allow hackers to attack privacy. We are still a drone manufacturer DJI. The platforms used by DJI have identified vulnerabilities that show that cloud applications are very vulnerable to attack and destruction, and these platforms have a large amount of sensitive customer data and are increasingly viewed by hackers. Vulnerability in which the account was stolen. "

Check Point has announced Epic Games as a vulnerability (now fixed). Check Point and Epic Games advise all users to be vigilant in exchanging digital information and creating secure online habits by communicating with others. Users should be suspicious of their legality regarding the links they see on user forums and websites.


Source link