After seeing friends playingon their iPhones for several months, you may have downloaded the game the other became available to your Android phone. I understand. But it may have jeopardized you.
As detected by Android Central, Google has revealed a major vulnerability in the Epic Games original Fortnite installer for Android, one that could have used the Fortnite installer to install and launch a rogue app, and even give that app Access the phone's data without knowing it.
For the attack at work, it sounds like you already needed to have a piece of malicious software on the phone, ready and waiting to strike. But not a particularly sophisticated. After prompting Fortnite Launcher to download Fortnite, Google claims that an app with the WRITE_EXTERNAL_STORAGE permission could have replaced the real Fortnite app with a false after security checks already completed. It is known as a "man-in-the-disk" attack.
Worse, the Fortnite installer can automatically have given a fake app all the permissions it requests (access to microphone, location, SMS, etc.), giving it an incredible amount of power over your data. This is because the Fortnite installer tries to set the authorization step ̵
when it was found that Epic Games was next to the Google Play Store with its own special installer due to the risk it could lead to that people download the game. Sounds like these concerns were justified.
Fortunately, vulnerability was not long. Fortnite became available for Androidand then available to all Android on August 12th. Google brought vulnerability to Epic Games attention August 15th. Epic Games immediately acknowledged its mistake and fixed the error with version 2.1.0 of launch on August 16th.
This means that there was only a weekclick when people could have been affected and there is no indication that someone actually was. Nevertheless, with an app that was hyped like Fortnite, there would have been significant incentives for hackers to try.
Epic Games did not respond immediately to a request for comment, but Epic CEO Tim Sweeney has public inquiry if Google made it responsible by exposing vulnerability early:
Google provided the following statement: "User Security is our Top Priority, and as part of our proactive malicious software monitoring, we identified a vulnerability in Fortnite installer. We immediately reported Epic Games and they solved the problem. "Here are Google's security guidelines.
Update, 12:12 p.m. PT: With Google Statement