Fortnite for Android is vulnerable to malware attacks

by Lucia Danes - -

Fortnite Android app is vulnerable to malware because of a serious vulnerability

Malware loads instead of Fortnite on Androids

Recently, cybersecurity researchers discovered a dangerous security flaw in the Fortnite Android app. The primary purpose of this bug is to help other applications installed on mobile phones change the installation process and inject malware instead of displaying the Fortnite game.[1]

Epic Games[2], the developer of Fortnite, stated that the game should be an app of its own and should not be included in the Google Play Store[3]. Even though numerous researchers have warned the firm that this can be harmful for numerous Android users as downloading apps in the Play Store is a much safer way, the company decided not to listen.

If you ever consider downloading various apps outside of this internet store, you might be asked to disable some security settings if wanting to continue with the installation. This can lead to various risks as your device protection level will decrease once you give the permission.

Virus's activity on mobile devices

A particular malware was found to be injected into the Fortnite game app. Such infection manipulates various applications that are on the targeted device and installs random unwanted components instead of the requested game. Notice that, if you want to install Fortnite on your mobile phone device, you need to get another helping app that allows you to download Fortnite. Such an app might ask permission for various personal details like SMS messages, GPS, activating the camera, and others.

Google researchers stated that the malware is installed secretly:

On Samsung devices, the Fortnite Installer performs the APK install silently via a private Galaxy Apps API. This API checks that the APK being installed has the package name com.epicgames.fortnite. Consequently, the fake APK with a matching package name can be silently installed.

Epic Games is unhappy with Google's decisions and actions

On the 15th of August, Google discovered about the damaged app and provided the latest 2.1.0 version of the new Fortnite Installer. However, Tim Sweeney[4] from Epic Games did not seem thankful for such activity, as they were not happy with Google disclosing the latest corrupted version very fast rather than waiting for three months to pass.

However, users are recommended to install the latest 2.1.0 Fortnite version on their mobile phones and permanently delete the previous one. Do not keep the first variant as it can bring harm to you and your device.

Numerous fake Fortnite versions have been spread in the past

Researchers have claimed that, once Fortnite was released, various malware versions of this game were created frequently[5]. They were fake game versions created by random hackers which decided to manipulate the new favorite game application and use it for their good.

Fortnite apps were advertised widely through the Internet and offered the same gaming techniques but brought revenue to the spreaders. However, such adware-related versions are not that dangerous as other sneaky malware infections. These fake versions cannot steal banking details or other valuable information.

However, worse prognoses have been made for the future. The more popular the Fortnite Android app becomes, the more it falls into the sight of various cybercriminals. This gaming app and its installers might be misused even in more dangerous ways and cause lots of damaging consequences. The more difficult the virus is, the harder to get rid of it.

Be aware of various malware that might look like original programs at first. Always be careful while downloading various gaming applications like Fortnite, especially if they are not included in the Google Play Store and work as an app on their own.

About the author

Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions

References