Playing Fortnite generates ecstasy in just 20 minutes each online game lasts. A player out of 100 opponents is crowned the winner and can become a millionaire in international tournaments. Each of the 250 million registered gamers to date plays for free, but you can pay to customize your character and gain popularity among the community; however, there is a black market where accounts stolen by teenage hackers who also earn several thousand dollars without even participating in the game are offered.
Just by taking a session, cybercriminals, who do not always reach the age of majority, learn to execute the credential stuffing -or theft of credentials- with which they snatch players the most equipped accounts and then sell them through platforms such as Twitter and Discord- a community of gamers- at prices ranging from pennies to hundreds of dollars.
The black market that revolves around Fortnite is fruitful for teens who make big bucks, according to their own testimonies. And it is that according to the report “State of the internet 2019 / Security. Web attacks and video game abuse ”carried out by Akamai, from November 2017 to March this year the video game industry registered 12 billion cyber attacks of this type with a trend that increases every day.
From victim to perpetrator in Fortnite
A report by the BBC collected testimonies of some crakers – name that hackers of video game accounts or other services such as Spotify have coined – who earn thousands of dollars with the theft and sale of accounts. One of them recounted how he went from being a victim of craking to a victimizer who found on Twitter not only stolen accounts to buy, but the opportunity to join the illegal business.
The 14-year-old received an email saying that his account password had been changed by someone else and that he could only access it through the code sent to the email address that the attacker had provided. That was how he decided to enter Twitter to express his anger, but on the social network he not only managed to vent, he also found better account offers than his.
“I was contacted by someone who said I could buy him an account for 25 cents and I clearly saw that that account cost a lot more, but I still bought it,” he told the BBC. And although he knew it was a stolen account, he understood that there was a lot of money at stake.
After being part of the craking business with the purchase of accounts, he decided to become a hacker of one of the most acclaimed video games and for this it was only enough to receive a session where he was taught where to buy hacking tools. Thus, on his first day he managed to access a thousand Fornite accounts and earn $ 1,800 during the first weeks.
Another 17-year-old cracker, originally from Slovenia, showed the BBC screenshots of his PayPal accounts and bitcoin wallets to prove that he had obtained $ 20,000 in at least seven months in which he had sold characters through his page. personal website, he even said that he uses his friends to manage their social networks.
Gamer, protect your account from crackers
Although Epic Games declined to comment for the report, he said he is already working to improve the security of his accounts. Given this scenario, the BBC has some recommendations for Fortnite amateur gamers:
- Avoid easy-to-guess passwords, such as the name or terms related to the game or very obvious character strings.
- Ask the factory for help when the account has been stolen.
- Use a two-step authentication system with the sending of a code to the cell phone or to another email account, since it is more difficult for crackers to access accounts with this feature.
- Epic Games does not currently offer two-step verification, but rewards players who add it to their account through accessories.
Cracking accounts in Fortnite has become the hobby of teens who are not afraid to get money illegally and at the expense of gamers who go from fun to bitter gulp of seeing their investment lost. And while this theft may seem innocent in the hands of young people, they have also related how it became the gateway to commit more serious cyber attacks.