It appears that PC gamers can take advantage of an exploit on the Epic Games Store to access and keep games to their accounts for free. Willian Worrall of CCN discovered this new vulnerability and – for anyone interested – Epic Games has not fixed it yet.
According to Worrall, a user can log into an account that has purchased the game and download it. That’s quite normal as it happens with every store/launcher. However, users can then logout, log into their own account and start playing the game. Yeap, you read that right; even if you haven’t purchased the game for your own account, you will still be able to play it.
As Worrall noted, this is mainly due to the lack of a DRM. In order to demonstrate this exploit, Worrall used Borderlands 3 as an example. This exploit can be easily reproduced on newer EGS accounts, and it most likely affects all games on the store. Now while Borderlands 3 uses the Denuvo anti-tamper tech, it does not – apparently – lock your copy to your Epic Games Store account.
Epic Games has not responded yet on this vulnerability, though we are certain that it will fix it really soon.
Now I’m pretty sure that some users will try to take advantage of it, however, we don’t know whether there will be any future precautions against this exploit. By future precautions, I obviously mean Epic Games banning the keys used for this exploit. Moreover, and like most exploits, this is strictly illegal so we strongly suggest staying away from such things.
Kudos to our reader Metal Messiah for bringing this to our attention!