Fortnite mobile for Android devices has a serious security flaw

Fortnite security breach

The massive online battle royale video game has finally made its way onto Android devices this week. Fortnite has been out on iOS devices for some time but had been awaiting its full launch onto Android due to implications with how the Google Play Store takes a cut of in app purchases. While Fortnite is a free to play game, Epic Games makes their money by selling in game cosmetics at a hefty price tag. Google takes a 30 percent cut out of these purchase so to ensure that they get all of their profits Epic Games decided to go another route.

To get around this, Epic Games (the developers of Fortnite) released the game onto Samsung devices through the Samsung store. However by skipping the Play Store, a critical security flaw was developed during when you download the game. Fortnite isn’t listed on the Play Store at all, instead you have to navigate through a website hosted by Epic Games and download the install through there. This external website is where the vulnerability occurs.

How the vulnerability works is that any app that has the “WRITE_EXTERNAL_STORAGE” permission can replace the APK after the download is complete. This means that people can replace the APK with malicious software that gives them access to your phone. Additionally the APK installs the package silently in the background so if someone has access to your phone, they can replace the APK with the virus without you noticing while the app is being updated.

While you and a lot of other users may be thinking, how can the downloading of foreign software be allowed on my device? The short answer is that when you go to download Fortnite on your device you have to change the security permission to allow downloads from all sources. This is vital to allowing the installer to run which also in turn allows hackers to access your phone.

The issue was brought to light from Google’s own software engineers. Since being disclosed to Epic Games, the flaw has been fixed.

 

Brit Brit Martinez

As our second lead editor, Brit Martinez provides guidance on the stories The Marketing Folks’ reporters cover. She has been instrumental in making sure the content on the site is clear and relevant to the readers. Brit received a BA and and MA from University of Alaska Anchorage.

Recommended For You