FORTNITE fans are being urged to change their passwords after experts uncovered a cyber attack targeting thousands of gamers.
Crooks are using the malware BloodyStealer to hack into the online accounts of gamers around the world and steal their card details.
According to Russia-based cyber security researchers at Kaspersky, who discovered the attacks, criminals are increasingly targeting gamers.
They’re after details stored on accounts on gaming marketplaces such as the Epic Store, which is owned by Fortnite developer Epic Games.
“Gamer accounts are in demand on the underground market,” Kaspersky wrote in a report on Monday.
“Proof positive is BloodyStealer, which steals account data from popular gaming stores.”
The research team discovered BloodyStealer after stumbling upon an ad for the infectious programme in March.
According to the report, the advert said that the malware is able to steal passwords bank card details, browser autofill data and screenshots.
- Read all the latest Phones & Gadgets news
- Keep up-to-date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
It’s also able to pinch Bethesda, Epic Games, GOG, Origin, Steam, Telegram and VimeWorld client sessions.
That means gaming data from titles like Fortnite are being exposed, possibly handing over gamers’ online account details.
BloodyStealer has already been used to target and infect users in Europe, Latin America and the Asia-Pacific region, according to the researchers.
The hacking tool has spread so far because it’s being sold on the dark web for as little as $10 per month.
An attack typically involves packaging the malware into otherwise seemingly inoccuous apps or games.
Once on your PC or smartphone, the credentials for your online gaming accounts are stolen and then sold on the dark web.
“Cybercriminals sell access to specific gaming accounts, both individually and wholesale” the team wrote.
“Unsurprisingly, accounts with many games, add-ons, and expensive items hold particular value. Typically cybercriminals sell them at huge discounts.”
BloodyStealer is just one of many tools available on the dark web for stealing gamer accounts.
Cybercriminals sell other types of malware, many of which have been on the market longer than BloodyStealer.
“With the aid of these tools, cybercriminals can collect, and then try to monetize, a huge amount of credentials,” Kaspersky wrote.
“All kinds of offers related to gamer accounts can be found on the dark web.”
To protect yourself from malware, protect your accounts with strong passwords and enable two-factor authentication.
You should also only download apps from official sources to minimise the chances of picking up BloodyStealer or other nasty software.
