Fortnite Hackers Earn $1 Million A Year—Stealing Your Skins – Forbes

https%3A%2F%2Fspecials ProxyEgg Fortnite Hackers Earn $1 Million A Year—Stealing Your Skins - Forbes

Fortnite has been in the news a lot of late, what with Epic Games taking legal action against Apple and Google. If you want to play the latest season of Fortnite on Apple hardware you are out of luck. Android users can get in on the action if they install Fortnite directly from the Epic Games website, an option not available to iOS users. The news that interests me, however, as a gamer with a professional interest in matters of cybersecurity, is just how dynamic and profitable the underground Fortnite economy is.

How profitable, do I hear you ask? How does $1 million (£750,000) a year in stolen account sales sound? Sure, that’s towards the top end, but criminals are making that kind of money, $25,000 (£19,000) a week, because of the value of stolen character skins.

And because hackers know how to compromise your account.

MORE FROM FORBESHow 25 Dice In A Box Solve The Secure Password Conundrum-Introducing DiceKeys

The Fortnite underground cybercrime economy

Vinny Troia, CEO at Night Lion Security, has today published his report into the Fortnite underground cybercrime economy. It doesn’t make for very encouraging reading if you are a Fortnite player. If you are a Fortnite account hacker, on the other hand, it reinforces what you already know: there’s lots of money to be made hacking game accounts.

It all starts and ends to be honest, with a lapse of account security when it comes to logins. Username and password combinations from data breaches, not just of gaming sites themselves, are traded on the dark web.


One recent dark web audit found an astonishing 15 billion stolen logins from more than 100,000 breaches available. Some hackers sell these credential databases, and others give them away for free to other cybercriminals.

The point being, if you reuse the same credentials, the same passwords, across multiple accounts, then you are asking for trouble. It only takes one of those sites or services to be hacked, and all the others are open to attack. You have opened up to a credential stuffing attack, to be precise. This is where the breached credentials are used to try and access high-value accounts elsewhere, high-value like your Fortnite account.

Even if you use simple variations of the same password, say incremental numbering, for example, then you are not safe. Testing out variations is done in double-quick time by fully automated processes.

MORE FROM FORBES60 Seconds In Cybersecurity: Here’s What Happens In Just One Malicious Internet Minute

Cracking Fortnite accounts

According to Troia, one Fortnite account-hacking tool can average 500 such account checks every second. The most successful hackers are those who understand the psychology of password creation amongst the general population, including Fortnite players. Troia quotes a prolific password cracker as saying that many people use “small and predictable changes” such as capitalization differences, for example. Then there’s using email addresses and usernames as password seeds, and so on.

It’s not all plain-sailing for the would-be Fortnite hacker. Epic Games does, for example, limit the number of logins allowed per IP address to prevent such bulk automated account probing. But, Troia says, the hackers circumvent such barriers by paying for proxy rotation services, which can issue a new IP for every account checking request.

These don’t come cheap, with one Fortnite hacker stating he pays more than $10,000 (£7,500) a month for such services. These services don’t use IPs that are typically associated with such proxies or with VPNs, but instead, use residential IPs to be more likely in passing through any filtering that Epic Games has in place.

But it doesn’t stop there. Another tool, a Fortnite account checker capable of automatically changing passwords, checking for available skins and the like, is employed to do just that. The most efficient version of this tool is sold on a personal referral basis only, on a $2,000 (£1,500) per month license.

I have reached out to Epic Games regarding the account protections they have in place and will update this article once I have a statement to publish.

MORE FROM FORBESGoodbye Passwords, Hello ‘Unbreakable’ Quantum IDs Containing 1,000 Trillion Atoms

A $1 million per year criminal business

So, with the criminals investing a fair bit of money in the tools they use to crack open Fortnite accounts, you can be sure there is a profitable return waiting for them. Out of every 20,000 accounts available to the hackers, maybe 2,000 will come complete with character skins associated.

These accounts can be bundled together into a collection known as a log, and sell for anything from $10,000 (£7,500) upwards, Troia states that one such log sold for $38,000 (£28,750) in a private Telegram channel auction.

The buyers will then raid those accounts, and resell them. Individual Fortnite accounts with a skin can sell for anything between $25 (£19) to £2,500 (£1,900) depending upon the scarcity of the skin involved.

That top=end amount was realized earlier this month for an account with a ‘Recon Expert’ skin, for example. Then there’s the account value itself. If it’s unlinked, that is not linked to an existing PlayStation Network account, then the value doubles compared to a linked one.

Suppose the account comes with the ‘bonus’ of access to the owner’s hacked email account, known unsurprisingly as a full access account, then the value triples. Troia says that just one full access, recon expert skin account can sell for $10,000 (£7,500.)

The most successful criminals in the Fortnite underground cybercrime economy are making, according to the report, an average of $25,000 (£19,000) per week, or more than $1 million (£750,000) per year. Even at the lower, more normal, end of the criminal marketplace, hackers are making $5,000 (£3,750) every week.

Mitigation advice is simple, so follow it

My advice, as always, is to make sure you are using strong and unique passwords for every site or service you use. A password manager app makes this easy to do. Don’t reuse passwords. Ever.

MORE FROM FORBESHackers Post ‘Vote For Trump’ Messages On Gaming Platform With 90 Million Users Source of this news:

Related posts:

Contender Analysis Via Proxies knowledge Aviation Analysis Wing
They say one sure method thrive in business is by dwelling ahead of your competitors. However , find out how to stay ahead of your competitors should you not what they are doing? Competitor ...
Aktieninhaber Democracy Is Getting Bigger Way Runs - The New You are able to Times
Good, that’s beginning to change. Quantity of intriguing experiments are ongoing. One of the most enjoyable is a collaboration between a substantial activist hedge fund, Electric motor No . 1, ...
What IT Admins Can Learn From Microsoft's U.S. Government Zero Trust Strategy - TechDecisions
Microsoft this week published along blog post about how the IT giant is helping U.S. federal agencies adopt a Zero Trust architecture and comply with President Joe Biden’s executive order on cybersec...
Colorado in declared emergency applying rare winter storm; OU celebrates Black History Pretty good p...
Today is regarded as Tuesday, February 16, 2021. Here’s what you need to know: Good morning,   A rare winter rage maintains knocked out nearly half of the wind-power generating c...
Fix An error occurred while starting Roblox - TWCN Tech News
Roblox is an online game platform where users can design their games or play games by other users, but sometimes users will receive an error stating that “An error occurred while starting Roblox Stud...
You should VPN: How to choose the best VPN? - Augusta Free Drive
In print Tuesday, Sep. 14, 2021, 11: 00 am Join the system AFP's 100, 000+ proponents on Delicious Sale made a request to AFP Subscribe to AFP podcasts on iTunes and after that Spot...
Follón and Expo 2020 Kuwait mark over 1, 200 days collaboration - ZAWYA
Over the last four years, additional than 1, 500 business days, Cisco ’s strategic collaboration has helped Expo 2020 Dubai establish a secure, intelligent foundation for connectivity. The...
‘If I don’t do it, who’s headed to help them? ’: Maryland workforce works to ensure equity wearing C...
These efforts are given a hand to by the fact that four during the eight Vaccine Hunters — Peterson, Maisie Lynch, Kathleen Bartels, Courtney Mason, Dina Ciccone, Tanya Aguilar, Becky Taylor and ...
Mid Level Back End Java Developer R850K PA - Remote at e-Merge IT Recruitment - IT-Online
A Global Wealth & Investment Management hub is looking for a Mid-Level Right back End Java Developer, with some cloud knowledge You may join a down-to-earth couple of technically sound developer...
Direct: Install Visual Studio Code unlockerfree code|Code calculatordecoder} Extensions - Bollyinsid...
Here tutorial is about the Plan: Install Visual Studio App|Code calculatordecoder} Extensions. We will try our best which means you understand this guide. I hope you adore this blog Guide: Inst...
A LOT OF PEOPLE Media, Retailers Targeted before New SparklingGoblin APT choosing Threatpost
The administrator of your special data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed data on the processing of personal depending on can be found in the privacy policy ...
Dallas Invents: 136 Patents Granted for Week of Sept. 14 » Dallas Innovates -
Dallas Invents is a weekly look at U.S. patents granted with a connection to the Dallas-Fort Worth-Arlington metro area. Listings include patents granted to local assignees and/or those with a N...
Cyber-terrorist targeting outdated versions at Linux in the cloud tutorial Security Magazine
<! -- |""|class i|section i. existence|thesaurus of english words and phrases|words expressing abstract relations|%|1. being, in the abstract} Hackers targeting outd...
Form 424B4 Spree Acquisition Corp. -
PROSPECTUS   Filed Pursuant to Rule 424(b)(4) Registration Statement No. 333-261367 $175,000,000 Spree Acquisition Corp. 1 Limited 17,500,000 Units Spree Acquisition Corp. 1 Limite...
Numerous “Spies” Are Watching Trackerless Torrents - TorrentFreak
Home > Headline > BitTorrent is a very efficient way to write large files, but not actually private one. It's referenced known that anti-piracy accessories monitor users thr...
Erik Prince: Q&A - Asia Times
Blackwater founder and former CEO Erik Prince recently spoke to Asia Times for a two-part, in-depth story: Part 1 can be read here; Part 2 can be read here. However, for the full convenience of read...
Fix: Windows 11 error writing proxy settings -
by Vladimir Popescu Being an artist his entire life while also playing handball at a professional level, Vladimir has also developed a passion for all things computer-related. With an inna...
Linkerd Graduates CNCF with Focus on Simplicity – The New Stack -
The Linkerd service mesh, the first service mesh to join the Cloud Native Computing Foundation (CNCF) back in 2017 as the foundation’s fifth project overall, has reached the graduated tier of the fo...

IP Rotating Proxy Onsale


First month free with coupon code FREE30