Fortnite for Android: Fake apps spy on players through their phone's camera

Hackers use the unofficial apps to track a person's location, monitor their calls and spy on them through the device's camera

Anthony Cuthbertson
Thursday 13 September 2018 12:11 EDT
Comments
Fake versions of the Fortnite Android app are riddled with malware, security researchers revealed
Fake versions of the Fortnite Android app are riddled with malware, security researchers revealed (Epic Games)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Over half of all unofficial Android apps for the hugely popular video game Fortnite: Battle Royale contain a form of malware, security researchers have discovered.

Analysis by Top10vpn of 32 Fortnite-related apps found that many were designed by hackers to track a person's location, monitor their calls and spy on them through the device's camera.

"Only a minority were actually legitimate apps of any sort as a further 40 per cent were either thinly-veiled adware scams," said Simon Migliano, head of research at Top10vpn.

"Installing one of these [apps] is the modern-day equivalent of slipping a CD into your computer that was handed to you by a shady guy on a street corner. We have no idea about the identity of these digital bootleggers, nor of their intentions, so it's best to stay well away."

Earlier this month, Epic games revealed that in the first 21 days following the launch of the official Android app in August, over 15 million people installed Fortnite on their mobile device.

In a blog post announcing technical details of the Android app for Fortnite, Epic Games acknowledged the issue of unauthorised versions of the game spreading malware.

"Even before we announced that Fortnite would be released on Android, we became aware of unauthorised 'Fortnite for Android' websites appearing. These typically host malware or scams," the blog stated.

"As these sites come to our attention, we pursue takedown efforts with the sites themselves, the relevant hosting providers, and any ads or videos that promote them... Whether or not the website is distributing malware, we consider all distributions and alleged distributions of Fortnite for Android to be unauthorised."

Epic Games said it had already instigated action on 47 unauthorised "Fortnite for Android" websites, many of which were advertised through YouTube videos that claimed to offer ways to play Fortnite on Android devices.

Security researchers have previously uncovered a computer virus spread through malicious links embedded in the descriptions of Fortnite videos on YouTube.

The researchers at game-streaming platform Rainway who discovered the issue said at the time that Epic Games "could do a better job" at educating people on the risks posed by such platforms.

Epic Games said it is proactively searching for new malware sites with a dedicated internal team tasked with discovering them.

The firm said: "We continue to police the situation with a goal of taking them offline, or restricting access by leveraging Epic's connection to a network of anti-fraud partners... who can implement an in-browser alert."

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in