Fortnite players will have to monitor their bank account. Researchers from the Israeli company Check Point, specializing in cybersecurity, claim to have discovered a major flaw in the source code of the website of Epic Games, the publisher of the title.

Exploited by an ill-intentioned individual, they could have been used to access the account of a player, but also to make purchases. As a reminder, Epic Games allows players to buy virtual accessories, such as kits for personalization of his character.

The contents of voice exchanges between players would also be affected according to Check Point. A final element contested by Epic Games from BFM Tech, which states that no listening conversations in the game is possible.

As Check Point's experts show, information contained in the source code of the Epic Games site has generated links to be sent to victims. A simple click of the latter then enough to send hackers their login credentials, thus providing full access to their account.

The link sent to the victims.

80 million active players in the world

According to the researchers, this technique allows to recover the login and password of players connecting to their account via a third party application such as Facebook, Google, or Xbox Live. Prior to publishing the information, Check Point informed Epic Games of the problem.

From the BuzzFeed website, a publisher's manager confirms the existence of the flaw, stating that it is now corrected. "As always, we invite players to protect their account by changing their password and choosing complex passwords," he explains to the US media. Recommendations that would not have prevented this type of piracy.

According to Epic Games, about 80 million fans play Fortnite each month. In total 200 million accounts have been created since the release of the fighting game. With many players having a credit card on their account to make purchases, Fortnite is a favorite playground for hackers.

As BuzzFeed reminds us, some highly paid accounts can cost thousands of dollars on sites like eBay. If the Washington Post evokes "millions" of players concerned by the flaw discovered by Check Point, no official figure has been released yet.

Update from the 17/01/2019 to 11:50: The reaction of Epic Games concerning the listening of conversations between players has been added.