Fortnite adware virus discovered in purported aimbot/V-Bucks hack

Late last month, the operators of the game streaming service Rainway noticed something unusual: Hundreds of thousands of error reports began appearing on its tracker for no apparent reason. The errors were the result of attempted calls to ad platforms, "an immediate red flag," as CEO Andrew Sampson explained in this blog post, because the service doesn't run ads. Further investigation eventually narrowed the compromised users down to a single commonality: They all played Fortnite.

With that realization in hand, Rainway engineers began to really dig in, beginning with a search for Fortnite hacks on YouTube. "We downloaded hundreds of programs, all claiming to do something to help a player get ahead," Sampson wrote. "While they were all indeed malicious, we were looking for a specific one. We created a small utility to help us sift through all these programs to find references to the URLs we were detecting through error logging." 

More Fortnite

What's new with the latest Fortnite season
The best Fortnite creative codes
The optimal Fortnite settings
Our favorite Fortnite skins
The best Fortnite toys

Eventually the search paid off in the form of a purported aimbot that also promised to generate free V-Bucks—sweet candy indeed. But of course it wasn't what it appeared to be. When run on a virtual machine, "it immediately installed a root certificate on the device and changed Windows to proxy all web traffic through itself," Sampson wrote, describing it as "a successful Man in the Middle Attack." 

The hack had been downloaded approximately 78,000 times before the host took it down after Rainway filed an abuse report. That's a lot of potential headaches floating around in the wild. Sampson said he also sent an inquiry to Adtelligent, whose links were being added to web requests by the offending adware, but had not received a response by the time the post went up. 

In case there was any question about where he stood on the matter, Sampson concluded with a warning against downloading random programs, saying, "If something is too good to be true, you're probably going to need to reformat your PC." He also called on Epic to be more proactive in warning Fortnite players against this sort of thing.   

"Epic could do a better job at educating their users on these malicious programs and helping them understand how airtight Fortnite's systems are at preventing cheating," he wrote. "I’d also recommend they spend more time moderating YouTube to help take down these videos to avert a countless number of people from pwning themselves. Sometimes the allure of cheating is powerful, and a strong presence is needed to help push people in the right direction." 

I've reached out to Epic for comment, and will update if I receive a reply. 

TOPICS
Andy Chalk
US News Lead

Andy has been gaming on PCs from the very beginning, starting as a youngster with text adventures and primitive action games on a cassette-based TRS80. From there he graduated to the glory days of Sierra Online adventures and Microprose sims, ran a local BBS, learned how to build PCs, and developed a longstanding love of RPGs, immersive sims, and shooters. He began writing videogame news in 2007 for The Escapist and somehow managed to avoid getting fired until 2014, when he joined the storied ranks of PC Gamer. He covers all aspects of the industry, from new game announcements and patch notes to legal disputes, Twitch beefs, esports, and Henry Cavill. Lots of Henry Cavill.

Latest in Survival & Crafting
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
An April Fool's Day Palworld game concept about dating Pals
From Palworld movies to Palworld TV shows: 'Everyone under the sun pitched us every idea you can imagine,' says Pocketpair's communications director
Pacific Drive Endless Expeditions spring 2025 update trailer still - a sexy, tricked-out 1980s station wagon being blasted with magic healing electricity
Pacific Drive developers change their mind: A year after refusing to give it mid-run saves, it's getting mid-run saves
minecraft diamond level sword
Minecraft's never going free-to-play because as it stands it's 'the best deal in the world'
New shaders in Minecraft following Minecraft Live 2025
In the year of our lord 2025, Mojang is finally adding shaders to Minecraft, making reflective lighting and water effects more accessible for all
A dried ghast, a ghastling, and a friendly ghast all smiling
The latest Minecraft Live uncovered the tragic truth of the Nether's most bothersome mob, which has unlocked new levels of guilt
Latest in News
An Enshrouded player in a recreation of Erebor from The Lord of the Rings
Kings under the Mountain! 33 Enshrouded players spent 10,000 hours to recreate this iconic location from The Lord of the Rings
A mech awakens.
Mecha Break developer is considering unlocking all mechs following open beta feedback
Lara Croft Unified Art
Tomb Raider developer Crystal Dynamics lays off 17 employees 'to better align our current business needs and the studio's future success'
A long bendy arm stealing money from people in a subway car
'You're a very long arm. You steal things. It's a comedy game,' explains developer of comedy game where you steal things with a very long arm
The heroes are attacked by monsters
Pillars of Eternity is getting turn-based combat to mark its 10th anniversary, and that means PC Gamer editors will soon be arguing about combat mechanics again
Image of Ronaldo from Fatal Fury: City of the Wolves trailer
It doesn't really make sense that soccer star Ronaldo is now a Fatal Fury character, but if you follow the money you can see how it happened