×
You will be redirected back to your article in seconds

Dark Web Creating ‘Thriving Criminal Eco-System’ Around Game

Criminals are turning to video game mega-hit “Fortnite” and its 200 million players as an easy way to launder cash from stolen credit cards, according to cyber intelligence firm SixGill.

“‘Fortnite’s’ format and popularity have drawn the attention of cybercriminals, and resulted in a thriving criminal eco-system around the game,” according to a report by the company. “As the game’s popularity increases and the financial system around it becomes more diverse, fraud involving games such as ‘Fortnite’ is likely to become more prevalent.”

Reached for comment Tuesday, Epic Games said it continues to combat fraud in its games.

Epic Games takes these issues seriously, as chargebacks and fraud put our players and our business at risk. As always, we encourage players to protect their accounts by turning on two-factor authentication, not re-using passwords and using strong passwords, and not sharing account information with others.”

In a report entitled “Carding and the Digital Gaming Industry,” SixGill lays out the process that criminals use to turn stolen credit cards into cash with the help of Epic Games’ “Fortnite.”

A criminal creates a new free account for “Fortnite,” and then uses a stolen credit card, or several stolen credit cards, to stack the account with “Fortnite’s” in-game currency and purchasable skins. Once the account is loaded up, they turn to third-party sites like eBay and G2G to list the accounts at prices that amount to a fraction of their worth based on the items and virtual currency they have. So, for instance, an account loaded up with $100 worth of V-Bucks might sell for $25.

The seller typically requires bank transfers through services like PayPal, and once the money has changed hands, the account is handed over, along with the email account and password, to the buyer.

In the past sixty days alone, just the top 50 “Fortnite” items listed on eBay brought in about $250,000, according to the report. A quick search this week on eBay shows that “Fortnite” accounts are a hot commodity on the website, with accounts selling for anywhere from the hundreds to thousands of dollars in the past month. There are also options to buy a “ticket” to a raffle for an account, where hundreds of people pay a few dollars for a chance to win a loaded account.

“With the recent surge in the popularity of ‘Fortnite,’ an online game boasting more than 125 million players and monthly revenues in the hundreds of millions of dollars, cybercriminals have flocked to this massively successful game and begun exploiting it to commit financial fraud,” according to the SixGill report.

Carding — the act of using a stolen credit card to purchase items in a game and resell them at a discount — isn’t unique to “Fortnite.”  But Benjamin Preminger, cyber threat intelligence specialist at SixGill tells Variety that “Fortnite” offers would be criminals an enticing target.

“Fortnite assumes its place in the gaming fraud hall of fame for a number of reasons,” Preminger said. “‘Fortnite’ is breaking records in its popularity. The game’s user base, hundreds of millions strong, seems to be extremely diverse in terms of age, gender, socio-economic status, and country of origin. This mass market appeal gives cybercriminals the opportunity to target a host of different victims, from young children with access to their parents’ credit cards to older adults with little awareness of the potential dangers of cybercrime. As more and more people enter the ‘Fortnite’ Battle Royale arena and purchase in-game items, the more opportunity cybercriminals have to hack user accounts and run away with the virtual booty.

“Additionally, the seasonality of Fortnite, adding new artifacts and other in-game items every few months, has increased market demand for rare, time-limited in-game items. This feature, created by Epic Games to keep the game fresh and interesting, has unwittingly created a dark web market for unique and highly sought-after Fortnite goods.”

Finally, Preminger said, “Fortnite’s” surge in popularity coincided with the rise of cryptocurrency.

“The surge in cryptocurrencies’ popularity opened up new possibilities for anonymous, lightning-speed global money transfers, and enabled cybercriminals to more easily convert V-bucks, to cryptocurrency, and ultimately to cold hard cash.”

Buying and selling accounts on “Fortnite” is against the game’s end-user license, which means that Epic Games can and will close accounts that have been purchased or sold, but they have to catch them first.

And Preminger said there’s no indication that it’s having a noticeable impact on the practice of carding in “Fortnite.”

“Cybercriminal activity surrounding ‘Fortnite’ seems to only be growing, with little sign of slowing down,” Preminger said. “Analysis of dark web conversations regarding ‘Fortnite’-related credit card fraud suggests that while some exploited cards are shut down, the use of VPN servers and other deception mechanisms allows cybercriminals to continue in their nefarious endeavors, with little intervention on the part of Epic Games or law enforcement agencies. We don’t have information regarding the time it takes for compromised accounts to be banned, but as examples from the dark web show, cybercriminals are finding it easy to exploit the vulnerabilities and victims of ‘Fortnite.'”

The issue of selling entire accounts could become moot if and when Epic Games permanently rolls out gifting items in the game. The gifting ability could create a grey market for in-game items without the need to buy and sell entire accounts. Players could simply gift an item that was purchased offline using another service. Epic Games tested the ability in December, but haven’t commented since on when it will returning to the game.

More Gaming

  • Arc System Works and WayForward Revive

    Arc System Works and WayForward Revive Classic 'River City' IP

    Notable fighting game developer Arc System Works is teaming up with “Shantae and the Pirate’s Curse” developer WayForward to create a brand-new game based on the classic “River City” intellectual property, they announced on Friday. The new project is called “River City Girls.” While the two studios won’t release full details about the project until [...]

  • Panthers Schedule Promo References a Slew

    Panthers Schedule Promo References a Slew of Video Games

    The Carolina Panthers’ released its 2019 schedule promotion video on Wednesday, which makes callbacks to classic games, like “Pitfall” and “Oregon Trail” among other games, shared via YouTube. The Carolina Panthers are a professional football team in the National Football League (NFL). The team is based in Charlotte, North Carolina. The promo video shows various [...]

  • Gearbox CEO Defends Epic Games Store

    Gearbox CEO Defends Epic Games Store and 'Borderlands 3' Exclusivity

    Earlier this month, developer Gearbox Software revealed the PC version of its anticipated co-op shooter “Borderlands 3” is coming exclusively to the Epic Games Store. This created some blowback from fans who prefer Valve’s digital storefront Steam. Gearbox founder and CEO Randy Pitchford defending the decision in a lengthy Twitter thread on Saturday (helpfully recreated [...]

  • Inside the Music of Netflix's 'Ingress:

    Inside the Music of Netflix's 'Ingress: The Animation' (EXCLUSIVE)

    “Ingress: The Animation” hit last fall in Japan, but the global release doesn’t hit Netflix until April 30, fortunately, it’s bringing a little something new to the show based on Niantic’s other popular video game. The global version of the show will feature a new musical score created by Jacob Yoffee (“Free Meek,” “Andi Mack”). [...]

  • Vic Mignogna

    Accused of Sexual Harassment, Vic Mignogna Sues Funimation

    Vic Mignogna, known for voicing Broly in the “Dragon Ball” series of games, films, and tv shows, filed a lawsuit claiming defamation and other charges against Funimation and other voice actors on Thursday, according to public court documents. Fellow Funimation voice actors Monica Rial and Jamie Marchi, along with Rial’s fiance Ronald Toye, are also [...]

  • South Korea's FTC Reviewing In-Game Purchase

    South Korea's FTC Reviewing In-Game Purchase Clauses

    The Fair Trade Commission in South Korea will conduct a review of game companies’ consumer practices and thus contacted 10 companies, including Nexon, Blizzard, and Riot Games, on Friday, according to The Korea Herald. The Fair Trade Commission (FTC) is concerned with in-game purchases in PC and mobile games. In particular, one concern is the [...]

  • 'Pokémon Go' Dev Niantic Accepting City

    'Pokémon Go' Dev Niantic Accepting City Submissions for Live Events

    Fans of games like “Pokémon Go” and “Ingress Prime” can now nominate their favorite cities to potentially host a live event in 2020, developer Niantic announced on Thursday. Submissions are now open on Niantic’s website. Anyone can submit an official city nomination between now and Oct. 1, including players, parks departments, tourism boards, and local [...]

More From Our Brands

Access exclusive content