Fortnite Aimbot Cheat is in Fact a Crypto-Stealing Ransomware

  • When run, the cheat starts to encrypt the files on the player’s hard drive and then deletes them if a ransom in crypto is not paid.
  • Researchers have already found two methods that can be used to decrypt affected files, without paying the crypto ransom.
Fortnite Aimbot Cheat is in Fact a Crypto-Stealing Ransomware

A new ransomware that pretends to be an “aim bot” for the popular game Fortnite, locks up and then deletes its victim’s files if a ransom is not paid in cryptocurrency, cloud security specialists at Cyren have uncovered.

The ransomware, named Syrk, pretends to be a cheating tool for the game, but when unsuspecting gamers run the application, it starts to encrypt the files on their hard drive and USB drives. After that, gamers are met with a message which warns them that if they do not pay a ransom in crypto, their files will be deleted one after the other, with a two hour window.

Having around 250 million registered accounts, Fortnite is one of the most popular games in the world. The recent Fortnite World Cup had a prize pool of $30 million, and the game has seen an online audience of more than two million viewers, but it seems that this popularity has brought the attention of hackers, especially with some gamers always looking for shortcuts. Chris Morales, head of security analytics at Vectra, said:

“Combining game malware with ransomware was inevitable. Social engineering through online video games has been going on for some time. It is a large audience to target and an industry that is known to look for shortcuts. Malware posing as a hack tool is novel as it will not be validated by any app store and bypasses the normal security controls. This makes encrypting files using a game hack highly opportunistic and easy to execute.”

Luckily for Fortnite gamers, the source code behind Syrk is the Hidden-Cry ransomware, which has already been made readily available as it was shared on Github at the end of last year. Researchers at Cyren have already found, and published, two methods that can be used to decrypt affected files without paying the crypto ransom for the decryption password.

Discussion
Related Coverage
Sam Bankman-Fried Found Guilty on All Charges
  • The New York Jurors took 4 fours of deliberating before pronouncing the former FTX CEO guilty of all seven charges of fraud and conspiracy to commit fraud.
  • Bankman-Fried will now have to appear in court on 28 March, 2024, where he will face a potential maximum sentence of 115 years in prison.
November 3, 2023, 8:54 AM
sbf

Former CEO of FTX Sam Bankman-Fried leaves the Federal Court in New York after pleading not guilty, 3 January, 2022.
lev radin/Shutterstock

DoJ Requests SBF’s Expert Witnesses be Barred From Testifying
  • The U.S. Department of Justice has expressed its concerns over Sam Bankman-Fried’s seven expert witnesses, and requested they be barred from testifying on the case.
  • The DoJ claimed most of the proposed experts lacked the necessary foundation for their opinions, making them unqualified to be an expert witness.
U.S. Prosecutors File Fraud Charges Against Do Kwon
  • Do Kwon was charged with conspiracy to defraud, commodities fraud, securities fraud, wire fraud, and conspiracy to engage in market manipulation.
  • A spokesperson for the Manhattan U.S. attorney’s office, which brought the charges against Do Kwon, said the Department of Justice (DoJ) will seek his extradition.