Streaming service Rainway exposes the scale of the Fortnite virus problem

Fortnite

Battle royale shooter Fortnite is a phenomenon now, but with many millions of players comes big problems, especially when the audience skews a little younger than average and the game is free to play. Last Tuesday, engineers at game-streaming service Rainway noticed tens of thousands of automatically logged errors flooding in, all of them coming from Fortnite players.It was time for their tech team to do a little internet sleuthing, which they kindly documented here in this developer blog post.

The first thing Rainway’s techies did was confirm that the errors weren’t coming from or related to their own software. With that out of the way, they now had a log of many thousands of users, all trying to access ad servers online, but reporting Javascript-related errors, indicating some kind of ad-based malware. Fortnite is one of the most played games using the service (letting people stream from their home computer to remote devices), so it wasn’t too surprising a vector, but that led to the problem of identifying which piece of malware it was.

YouTube is flooded with videos promising downloads of undetectable cheats and free cash-shop credit for Fortnite, many of them being viruses. Identifying which particular one was setting off all the alarm bells at Rainway was like picking out a particularly thorny needle in a haystack made out of needles. In the end, they just went through and picked through the pile mechanically, by downloading hundreds of potential malware packages and running them through a custom-made search tool to see if any of the reported ad server URLs popped up.

Eventually they struck gold with one package, which was promising both free V-Bucks (the in-game currency) and an undetectable aimbot. In reality, once installed it went and re-routed all web traffic through itself, adding a generous helping of extra ads to every website. Rainway have made some effort to shut down this particular piece of malware, getting the download pulled from its original host and informing the ad company involved – Adtelligent – that someone on their network was serving ads this way, but at the time of writing, Adtelligent have yet to respond.

Fortnite Hack

Rainway also went and informed all of their affected users that they’d been caught by this malware, but with masses of users affected on one streaming service alone, it seems like that tens of thousands of users have been affected, with the malware installer clocking in at 78,000 downloads total. So, let this be a lesson to you all that cheaters seldom prosper, and to keep away from strange download links you see on YouTube. If any of your kids play Fortnite, please warn them, because nobody wants to waste a weekend reformatting their kid’s PC.

And just remember; this virus was in one package out of hundreds that they had to test. I can’t even begin to guess how many are infected worldwide in search of Fortnite fame and fortune. And even if you do manage to luck out and find some real cheats? There’s a good chance that won’t end too well for you either.

34 Comments

  1. mpk says:

    And ironically there was an ad underneath this article for “Free CS GO skins” and, after I’d logged in to post this comment, another saying “Watch CSGO and win skins”.

  2. BockoPower says:

    To be honest, formatting a partition and installing a new Windows on it takes no more than 30 minutes nowadays. If you consider also the time to backup some important files before that, installing the drivers (I like how Windows 10 automatically installs the most stable drivers all by itself, so on it this step can be scratched) and getting the most used programs (use Ninite to make this A LOT faster, also better to have the most important and biggest programs on a different than the system’s partition) and it should take no longer than 3 hours. Fresh Windows install should be done every 6-7 months anyway. The most annoying problem is devs and publishers who refuse to use a standardized folder location for their files and every program and game without cloud saving has it’s innards spread across the C:\ drive and you may need to backup some of those. It’s like the companies instead try to get more creative and hide everything as hardest as possible to find to make you not want to format. Or maybe the programs don’t like to be neighbours with other programs.

    • Dominic Tarason says:

      Getting the building blocks of a PC reinstalled is quick and easy these days, yeah.

      But when so little comes on disc now, you’re looking at hundreds of gigabytes of download to recover all that stuff you want installed, and on most mortal internet connections, that’ll take days.

      • ChampionHyena says:

        Not to mention lurching you ever-closer to your data cap. My last reformat ended up costing me hugely–not in time, but in money as my ISP nailed me with overage fees.

        • Fluffy says:

          …. it is amazing to me that this is still a thing. Might I inquire where you buy your internet from?

          In my corner of the world (the Netherlands) even the most humble internet offers are broadband (20Mbps+) and offer unlimited data. A fair use policy is usually included, but that generally only kicks in when you’re hitting terabytes of data, and/or are a spambot.

      • pipja says:

        put your steam library on a different drive, not the windows drive and you should be fine

        • Premium User Badge

          phuzz says:

          That’s not necessarily going to stop a virus from patching itself into every executable it can find, including your games.
          There’s not much point in nuking a Windows install, and then plugging in a drive that could well contain a virus.

      • brucethemoose says:

        I just put all my big programs on a separate partition, with “portable” installs where I can. So when it’s time to nuke Windows, everything important is still here.

        That may not be enough if you get some serious malware, but in my experience, most malware doesn’t bother touching anything other than C.

      • BockoPower says:

        Ye but that’s why different partitions are a must. I have C:\, with only 50 GB, only for the Windows and some small programs like PotPlayer and 7-Zip. Then I have D:\ where I install all games and the bigger programs like Unity or Blender. And my 3rd E:\ partition is for backup downloads, movies, music etc.

        And if you make a nice backup of your Windows after you customized it to your liking and installed the programs you use, then you can very easily just format C:\ the next time and roll back that backup on it without bothering to install everything anew. But this is kinda hard for people who constantly replace or install new programs.

    • Lord Byte says:

      Reinstalling every 6-7 months is utter toss unless you’re a complete imbecile or enjoy installing new hardware and apps by the dozens every damn day (or you’re still on XP… see the first). The only reason you might do it is if your SWS folder is getting too big.
      The other reason is of course if you’re unable to remove malware (I haven’t found one I can’t, but I can imagine that some of those would give troubles to less informed users), but still it isn’t a step to take lightly. Reinstalling is pretty trivial, but by the time you reinstalled all your apps and reconfigured it to your liking you’ve easily lost a day if not more.

      Having your My documents folder on another (mirrored) drive is a big help then. As for the savegames and such, go through your User folder App Data and ProgramData and simply backup all the folders related to the games you play (and want to save) and put them back after reinstall. Haven’t lost a savegame or config yet ;) (careful as some older games, even on steam, usually dos games, save into their home directory)

      • Hoot says:

        Agree 100%.

        Reinstall Windows every 6 to 7 months? Complete nonsense. Please, to the guy suggesting it, go and apologise to the person who’s arse you pulled this random time-frame from.

        As long as you aren’t a kid or a tech-novice then your PC should be maintained well enough to never have to reinstall Windows unless you go for a major hardware upgrade. I’ve had my current install of Win 7 x64 Pro running for 5 years, but then I’m a bit OCD about maintenance (dedicated uninstaller to minimise dead files and clean the registry, simple but effective anti-malware suite, etc).

        I remember getting calls to fix peoples PC’s when I was younger and when I turned on their computer I was astounded by how much crap they had let install itself. Every “Search Bar NOW!” feature going, 20 or so ad-ware and malware apps configured to open on start-up, etc, etc. It was painful explaining to people that for the most part adverts on the internet are basically lies and not to download any files that end in .exe.

        Rambled a bit there, sorry.

        But yeah, you don’t need to reinstall Windows anywhere near that often as long as you aren’t intentionally installing malware/adware on your PC.

      • BockoPower says:

        Fresh reinstall after 6-7 months is good no matter what. It’s not only if you have a malware or a virus. Sometimes a new Windows update fucks up something or some programs/games silently installs something stupid you can’t remove. And the C:\ gets bloated with all kind of stupid things. I have a friend who doesn’t like reinstalling and when he wants to get rid of something he searches all registries and turns on 34634 different scans and cleaners. I prefer to just install a new Windows that will take max 3 hours after everything. It’s not like I can’t clean the PC in his way, it’s just so much faster. And it fixes the problems in 99% of the time.

        • thelastpointer says:

          new Windows update fucks up
          A fresh install with all the latest updates won’t solve that.

          some programs/games silently installs something
          Nothing should install things silently (if you don’t pirate stuff anyway), though I admit that some installers have misleading checkboxes that install bloatware. Pay attention!

          C:\ gets bloated with all kind of stupid things
          Try to keep track of said things. It does not happen magically.

          Don’t advise people to reinstall their OS. Advise them to take better care of their computer. You’re just masking bad habits and careless behavior. I get that it’s not easy, and you need to pay attention, but it’s for the better.

          • BockoPower says:

            Installing Windows from a DVD, USB or an ISO without updating it to latest version.

            A lot of companies these days install hidden stuff like spyware or adware. If you don’t believe this, I don’t know what you even argue then. In this regard pirated software can be even safer as they remove it.

            I personally know every file on my PC and where it came from. As I said I can delete everything myself. It’s just too much time waste to do so every month or weeks and I prefer to reinstall Windows after 6-7 months instead.

            I never said that people should just just go recklessly around the Web because that may lead to a state where your PC may not be even usable anymore (a friend of mine around 20 years ago somehow got some virus that fried his motherboard). I just say it’s good to completely refresh the system partition and reinstall your Windows after some months. I have yet to hear a case where that hurt anyone and I personally do it for 15 years. And the only argument I have heard against it so far is only “because it’s for lamers”. The only time I won’t recommend reinstall is for business PC’s who need to be changed as little and rarely as possible.

          • Premium User Badge

            phuzz says:

            A lot of companies these days install hidden stuff like spyware or adware.
            Sure, a lot of shady companies do this, that’s kind of the point of this article. When you see a download for something ‘free’ then you’re probably getting used. If you’re installing programs which are installing things without telling you, then you’re downloading off the wrong people.
            I can only think of one program that I’ve installed in the last few years that installed some adware nonsense (CDisplayEx fyi), and I download a lot of random crap.
            Like everyone else has said, if you’re having to re-install Windows every six months, then you’re doing something wrong.

        • Martel says:

          “Fresh reinstall after 6-7 months is good no matter what.”

          No, it really isn’t. If you need to do that you are doing some seriously wrong things with your computer.

    • Retorrent says:

      The only problem with backing up important files is that you have no way of knowing which files are infected and which are not. If for some reason your malware removal dose not detect and remove it you stand a good chance of reinfecting the PC. It better often times to just wipe the drive and start fresh. I would hope that people would have a separate backup of important files that were stored off the PC.

      • Optimaximal says:

        NB – what is the definition of ‘important files’? Malware cannot ‘infect’ anything other that executables. They can delete, corrupt or encrypt them, but they cannot be used as infection vectors.

        It’s an important nuance that many miss when talking about viruses and other malware – I virus cannot ‘infect’ your My Pictures folder. It can, however, take over the Windows Explorer or Picture Viewer processes and replace all your holiday snaps with ladies boobies if it’s been programmed that way.

    • Verbose Hat says:

      To be honest, I have no idea what this rant has to do with idiots installing malware under promises of free v-bucks and hacks.

      Windows install should be done every 6-7 months anyway.
      That’s utterly ridiculous. How did you even come up with this (doubtless very scientific) number?

      • aepervius says:

        At that frequency of 6-7 month I would rather use a VM :P. Just copy it every time you fire something new, and if you find no traces of problem after a few weeks, then shift the tool/software/game from your VM into the main install.

  3. Taintslapper says:

    My buddy talked me into playing Fortnite when it initially came out and it was fun. I played it enough that I thought I would support the game and buy the survival mode. (This was before it had become so incredibly popular) Within a week my account had been hacked and I had several hundred dollars in in game purchases made. It took over a month to get a response to any of the five emails I sent. After changing the password and removing all personal information I still get emails telling me that people are trying to change my account password.

    This game seems like a security nightmare.

    • Verbose Hat says:

      Don’t be so quick throw blame around. There’s no security issue with the game whatsoever. It’s just a popular target. Use a strong password, enable two factor auth, don’t try to install any hacks and ignore everything offering free v-bucks. Easy.

      • Taintslapper says:

        I’m not a gullible rube. I’ve never once used any kind of illicit add-on or anything of the sort. To say that anything is completely safe is naive to say the least.

        Furthermore, even if I had, five emails and a month of waiting just hear a response is unacceptable for any type of customer service.

    • Boozebeard says:

      I had the same thing except they refunded me within 8 hours of me emailing them.

      I think epic games account databases were hacked a few years ago but at the time it was basically just a forum account, they didn’t have their own game launcher, so I don’t think I ever bothered to change it.

  4. Baines says:

    cheaters seldom prosper

    I’d guess that the vast majority of the time, cheaters prosper. (In games as well as life in general.)

    You just open yourself up to the risk of additional (potentially steep) negative consequences, but odds probably strongly favor you being okay.

    • gunny1993 says:

      Amusingly the bigger of a cheater you become, the less of a risk you end up taking. Don’t cheat games, cheat economies, the consequences are far less severe.

  5. brucethemoose says:

    Reminds me of Minecraft, which had a similar malware spam problem.

  6. racccoon says:

    Well spotted at least. :)

  7. tekknik says:

    this is why I game on a mac, nobody targets it. Ive also had success with running windows in a VM and resetting it to previous snapshots when there’s issues. Times are different these days, a gamer is no longer forced to use windowz

  8. Bedeage says:

    Given that the fucks who suffer from this malware are either those who downloaded a cheat with the full intention of using it, or failed to raise their children correctly, I’d be of half a mind to leave that malware in place.

Comment on this story

HTML: Allowed code: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>