The battle royale video game Fortnite has been a phenomenon for the gaming community. As this is the case, it should be no surprise that hackers are looking to capitalize on the success and trick would-be players with fake content. This is the case now especially with the game making its way to mobile platforms. With Fortnite's developer, Epic Games, releasing an iOS version of the multiplayer shooter, many Android users have been left wondering as to when they will receive their own port of the game and practicing impulsive behavior as a result. Instead, they end up with a fake Fortnite app loaded with malware.
It is this predicament that hackers have sought to capitalize on via malicious Android apps. As discussed in a report by zscaler, numerous Android applications have surfaced that claim to be the Android version of Fortnite. Despite an announcement from Epic Games on an upcoming summer Android release, this hasn't stopped a percentage of Fortnite players (which totals 45 million) from downloading a fake Fortnite app. Most of them have been found in third-party application stores, but at least one of these malicious applications has made its way into the Google Play Store.
As the zscaler report states, there are numerous types of baiting methods used to encourage downloads. From offering the full game to offering a way to earn in-game currency, many are falling victim to these fake Fortnite apps. This has left many individuals in disarray as they have seen their mobile devices infected by spyware, cryptomining malware, and other invasive hacking methods.
With the player base of Fortnite being so large, there is no telling as to just how rampant these infections have been. It is imperative that users be vigilant with their downloads. This goes double for parents of children that play Fortnite (one huge contributor to the game's success is its generation-spanning appeal). Monitor your device constantly for suspicious activity and avoid third-party downloads at all costs. Do not blindly trust official stores like Google Play either, however, as it has been proven that this app store is a breeding ground for black hat activities.
The zscaler report also gave some solid advice, which is shared below:
To avoid becoming a victim of such malware, it is a good practice to uncheck the "Unknown Sources" option under the "Security" settings of your device. This will prevent you from inadvertently downloading fake apps, which are sometimes convincing in their design. Additionally, users should also check comments and rating of the app even when downloading them from Google Play store.
If a user becomes aware that there is spyware on their phone, here are the steps they should perform for remediation:
- Step 1. Disable Accessibility access for Fortnite app: Settings -> Accessibility -> Fortnite (App name) -> Turn off access
- Step 2. Remove the Fortnite app: Settings -> Apps -> click on Fortnite icon -> Uninstall."
In short, be patient when looking at apps and never download out of impulse. A little research can save you a lot of headaches.
Featured image: Official GDC/Wikimedia