PUBG’s Main Menu vulnerability could put a countless number of systems at risk.
PUBG’s main menu vulnerability could potentially leave your system open to hackers, and your steam account getting phished, a detailed report sheds light on an issue which Bluehole keeps turning a blind eye to.
PlayerUnknown’s Battlegrounds, developed by Bluehole is better known in the mainstream as PUBG, is a battle-royale FPS that offers some superb graphics, great gameplay, and has dethroned Valve’s own DOTA 2 on its own turf, for a game that is still in early access.
The game’s premise offers an online free-for-all game type pitting 100 players in a large open world setting for an ultimate battle of the last man standing. The game has indeed garnered a significant following and a player base, one that rivals that of Blizzards Overwatch.
While the game has great acclaims in terms of player base, sales, and other accolades to boast, there surely can’t be anything with the game, right?
According to a blog post on Medium, the author Filip Sufitchi claims that the games own main-menu lacks basic secure connection protocols and security measures, leaving innumerable players exposed to a vicious man-in-the-middle attack (MITM) that takes place within the browser.
You can read the full article yourself by going here, but let me break it down in layman for you.
Who is vulnerable, and how to protect yourself.
While this all sounds complex, the author has explained that the PUBG’s main menu lacks proper security and protection protocols between player and server.
The man-in-the-middle attack delivers on its name here, leaving any player system vulnerable to malware and phishing by anyone with ill intent having the capability of inserting malicious code within the traffic.
The attacker can intercept the data being transferred between yourself and the game, and insert whatever they wish for your computer to open, perceiving it as important data.
The author explains that there is quite a large audience of users who are susceptible to the attack:
- If you are playing on public Wi-Fi (Unprotected / Open connections).
- Playing on any wireless network, given the recent WPA2 news.
- Wired or wireless connections that have also potentially been hacked.
The author highly encouraged to use secure wired connections on your desktops to best protect yourself from the attack.
Considering the game is currently in development for the Xbox One, and there are also a large number of consoles that rely on Wi-Fi Connections to play online, one can only hope that this is rectified soon.
PUBG’s Main Menu Vulnerability Account Hack:
The author simply isn’t crying wolf, as he has shown that it is indeed possible by replicating the attack himself to show proof of concept. He made his own landing page which looks like the real thing and can easily deceive anyone at first glance.
If you read the authors original article, you will see that he has claimed that similar landing pages can easily be inserted into a players connection between Bluehole and their connection on the main-menu, redirecting players to a fake landing page where unsuspecting players can enter their steam credentials and lose their accounts.
The article states that the vulnerability is at least six months and still hasn’t been addressed by the developer. This is indeed a great threat to a large community, and as such should be taken very seriously.
For a game with a player size and install base of PUBG, it is the responsibility of Bluehole to investigate such matters and rectify them if need be. Let’s hope that the issue catches the eye of the developer and is promptly fixed.
You can find this written out in detail near the end of the original article itself, which actually illustrates just how pertinent the threat is.
Source: Medium
Are you an active PUBG player? Let us know your thoughts in the comments.