Skip to main content

A free ‘Fortnite’ modification infected over 78,000 players with adware

Razer Blade (2018) fortnite
Riley Young/Digital Trends

Game streaming service Rainway recently discovered adware plaguing over 78,000 Fortnite players. Rainway is a game streaming client installed on your PC that will stream your games to other devices using an internet connection. The platform itself includes a tracker that records error reports for the engineering team. To their surprise, hundreds of thousands of these reports began appearing on June 26, raising a red flag.

“Not feeling very excited to see such an influx of events on a Tuesday the engineering team was a bit flustered, after all, we hadn’t released any updates to that particular piece of our solution,” says Rainway CEO Andrew Sampson. “It became pretty clear soon after that this new flood of errors was not caused by something we did, but by something someone was trying to do.”

After examining the reports, the team noticed calls to various advertisement platforms. Given Rainway doesn’t include ads, they dug deeper and discovered that JavaScript was attempting to grab advertisements but couldn’t because only specific web addresses are whitelisted by the platform. The resulting JavaScript errors are what flagged the Rainway team.

A further examination confirmed that the problem had nothing to do with the Rainway platform itself. That pushed the team to seek out a common factor. Since customers have different hardware configurations and internet service providers, the only common factor in the error reports was Fortnite. More specifically, a Fortnite hack.

The beauty of PC games is that many can be modified. The dark side of this benefit is that hackers will take advantage of gamers wanting cheats, cool weapons, and armor. The team jumped on YouTube, discovered who and what hacks you can download for Fortnite, and installed “hundreds.” Most were malicious, but the team sought after one specific hack.

Ultimately, they struck gold. The offensive hack promised free V-Bucks (the in-game currency) and an auto-aim component. The team created a virtual machine and installed the hack to see adware route all internet traffic through itself. The result was a man-in-the-middle attack that generated web page requests containing tags for Adtelligent.

Sampson says Fortnite players downloaded the fake mod more than 78,000 times before it was pulled by the file host due to Rainway’s report. The team also contacted video ad serving platform SpringServe to identify the “abusive creatives” and Adtelligent to report the ad-based keys linked to the internet addresses.

“We’ve also put out an alert to all infected users and increased our security by enabling certificate pinning, helping mitigate any future MiTM attacks,” Sampson says. “In the future, we will alert users when we detect any foreign activity that we think could be a sign of an infection.”

Ultimately, Rainway received 381,000 reports stemming from the malicious Fortnite mod.

As Sampson points out, if something you download seems too good to be true, you may end up reformatting your PC. Mods are great for PC gaming, but only through controlled platforms that examine the legitimacy and safety of these user-created modifications. Not everyone has good intentions.

Editors' Recommendations

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Fortnite adds Black Panther tribute statue in game
Black Panther

Just days after Black Panther actor Chadwick Boseman passed away, Fortnite added a fitting monument to the character in the game.

The statue, called Panther's Prowl, plays ambient Wakanda-like music when nearby and depicts a massive panther carved out of stone. The statue can be found just west of the Misty Meadows on the side of the hill on a glowing rock. The statue is the latest Marvel-themed object added to the game since Fortnite started Season 4 after Ant-Man and X-Men references made recent appearances.

Read more
What’s it like to play Fortnite on iPhone today?
Fortnite Chapter 2

The most current version of Fortnite isn’t coming to iPhones anytime soon after a judge upheld Apple’s decision to remove it from the App Store. Players who already had the game installed can still access it, but it’s currently a very different game than what’s available on other devices.

The most obvious difference when booting up Fortnite is that the game is still in Chapter 2, Season 3. Players are dropped into the standard lobby and onto Season 3’s aquatic-themed map, which launched in June. The only notable difference is that the map screen displays “Season 0” in the top-left corner.

Read more
Fortnite Chapter 2 Season 4 Nexus War event adds Marvel’s mightiest heroes and villains
Marvel heroes line up in Fortnite Nexus War.

After a week of superhero teases, Epic Games revealed Fortnite’s Chapter 2 - Season 4, which adds a cast of Marvel characters to the game.

The event, titled Nexus War, is a play on Marvel's Infinity War. The fourth season trailer shows iconic Marvel heroes and villains, including Iron Man, Wolverine, Groot, Storm, Mystique, Doctor Doom, and She-Hulk, being teleported to Fortnite’s island. After a brief face-off with the game’s characters, Thor flies in to reveal this season’s big bad: Galactus.

Read more