Naked Security

Don’t download it! Fake Fortnite app ends in malware…

Epic Games is on the verge of releasing Fortnite for Android - so the crooks are jumping in to offer you "early access"... to malware!

Are you a Fortnite player?
Hundreds of millions of people are, but in case you’re not one of them, Fortnite is a computer game from Epic Games, in which players co-operate in gangs to save the world following a zombie-style apocalypse that has already snuffed out 98% of the population.
There’s plenty of parachuting, shooting, grenade launching, things exploding, creatures dying and all the usual stuff that makes games exciting for adults and children alike.
(Amusingly, or perhaps ironically, the number of players in real life is fairly close to the number of non-zombie humans that would be left alive if the game were true.)
Sadly for Fortnite fans around the world, the one popular platform that doesn’t support it is Android – you can get it for Windows, macOS, various gaming consoles and even for iOS, but not yet for Android.
A release of Fortnite for Android is both imminent – some time in “summer 2018”, apparently – and eagerly awaited, with some media outlets talking buoyantly about it as though it’s already there.
Today’s Daily Express in the UK, for example, published a story headlined Fortnite Android release news as stunning new Epic Games Mobile update is revealed, which doesn’t actually say that the game has been released, but certainly makes it sound as though it were available right now.


You can guess where this is going.
Scammers, flimflammers and cybercrooks love it when there’s a rush of interest for a forthcoming product that everyone is desperate to download, because they can rush in to fill the gap with malware.
And the interest in Fortnite for Android is huge, as you can tell with a quick experiment on Google Play.
Go into the search box, hit the letter F, and see what pops up at the top of the as-you-type-it list:

Your next thought, when you realise that there isn’t an official release yet, might be to wonder if there’s a pre-release version – after all, the Express headline trumpeted “mobile update revealed,” as though some lucky early adopters might already have access to the app.
And where an app is in limited circulation under a non-disclosure agreement (NDA) or on embargo, there’s always a chance that someone has decided to break the embargo or dishonour the NDA, or that someone has somehow created a hacked version that can be played right away.
Next stop, then, might be YouTube, in case there’s a how-to video…
…and, sadly, you’ll find zillions of the darn things on YouTube, with the search term F once again bringing Fortnite straight to the top of the list:

When I searched for the full text Fortnite Android, the top three videos tried to draw me in by:

  • Telling me that the app’s in the Play Store. (Lie. It’s not there.)
  • Warning me about a Trojanised update. (Lie. You can’t update a product that’s not out yet.)
  • Giving me an off-market URL to get the app unofficially. (Lie. It’s not “unofficial”, it’s fake.)


Don’t do it, folks!
The very best thing that can happen if you allow yourself to be sucked into downloading a so-called “early release” version is that you’ll end up with a useless or unrelated app instead.
More likely is that you’ll end up with malware.
Here’s one example from security researcher Lukas Stefanko that we checked out, available from a website that was promoted believably enough in one of the many YouTube videos on the subject:

Note how the website even tries to give you technical support by reminding you to go to the Settings page and turn on Android’s non-default option to allow apps from Unknown sources – without this setting enabled, you’d be blocked from installing this malware by Android itself.
If you install and open the app, you’ll see a sneaky dialog offering you an immediate update with a load of conditions that you can apparently [Skip>] if you like:

But it’s a trick, because the [Skip>] button actually only skips the so-called “update” part, and instead signs you up for the “game” you’re running right now, under conditions you’ll only notice if you scroll down to the bottom of the dialog:

The treachery goes on: the app contains code to show you ads, send SMSes to revenue-generating services, and to download a secondary app.
When we tested the fake Fortnite app, the secondary download failed, but SophosLabs tried and ended up with another app installed, called Fortnite Battle Death.
This one was, in fact, a game, but it was no Epic Games product – it was a low-quality first-person shooter game called “Battle Death” (by this time, any pretence of being part of the Fortnite franchise was gone) that quickly froze.
We didn’t investigate further than that – we’d already had to turn off Sophos Mobile Security in the first place to avoid detecting the original app as malware! – because we weren’t under any misapprehensions that any part of this might be genuine.
You shouldn’t believe anything about this app, either.
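
A defender-side triage for the behaviours described above, as an added example that is not from the original article or from SophosLabs: it reads a decoded AndroidManifest.xml and flags the permissions an app must declare to send SMSes or to ask to install a further app. The manifest, package name and function names are constructed for illustration and are not taken from the real sample.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Permission -> behaviour from the article that it enables.
RISKY = {
    "android.permission.SEND_SMS":
        "can send SMSes, e.g. to revenue-generating services",
    "android.permission.RECEIVE_SMS":
        "can read incoming SMSes such as subscription confirmations",
    # Only needed by apps targeting Android 8.0+; on older versions the
    # global "Unknown sources" setting is what gates a secondary install,
    # so the absence of this permission does not clear an app.
    "android.permission.REQUEST_INSTALL_PACKAGES":
        "can prompt to install a secondary app",
}

# Constructed sample: decoded manifest of a hypothetical "early access" game.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fakegame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>
  <application android:label="Game"/>
</manifest>
"""


def declared_permissions(manifest_xml):
    """Return the set of permission names the manifest declares."""
    root = ET.fromstring(manifest_xml.strip())
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(ANDROID_NS + "name")
            if name:
                perms.add(name)
    return perms


def triage(manifest_xml):
    """Return sorted (permission, reason) pairs worth a closer look."""
    perms = declared_permissions(manifest_xml)
    return sorted((p, why) for p, why in RISKY.items() if p in perms)


if __name__ == "__main__":
    for perm, why in triage(SAMPLE_MANIFEST):
        print(f"[!] {perm}: {why}")
```

A game has no obvious need for either flagged capability, so a hit here is a reason to look closer rather than proof of malice.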

What to do?

  • Ignore apps claiming to be Fortnite early releases. Epic Games will release officially when it’s ready; all other “releases” are imposters.
  • Stick to Google Play if you can. Don’t turn on Android’s Allow apps from unknown sources option just because an email or a website tells you to.
  • Keep an eye on your mobile phone account. Watch out for unauthorised charges that might indicate you’re signed up to a premium rate service you didn’t want.
  • Consider blocking access to premium rate services. If you don’t need or want to be able to sign up for third party services via SMS, or to use premium rate numbers, find out from your provider how to block access from your number.
  • Use an anti-virus on your Android. Sophos Mobile Security is 100% free and automatically blocks malicious apps from running and dangerous websites from loading.

And, remember, if it sounds too good to be true…
…it’s false.

17 Comments

I have seen this so darn often, considering I am watching a fake livestream on it now saying it’s free and stuff seriously the site that it’s pointing to is totally illegal if it was on Android it would be on the Play Store not some dodgy website!!

Was YouTube alerted to the presence of those misleading videos? Seems they have some culpability in all of this for helping to spread the malicious URLs.

No idea – I’m not a YouTube subscriber so I am not part of the community reporting ecosystem.
You’d kind of hope that the videos could be blocked proactively rather than waiting for someone to complain – especially the ones making false claims about Google’s own Play Store :-)

Could you change the picture of the “fake” Fortnite videos? Cause the first two that are up there are videos by InfamousQuiff. And they’re just speculating when it’ll come out. InfamousQuiff doesn’t link his videos to bad sites.

I didn’t look at the names and don’t much care who posted the videos anyway – that’s not really relevant – because it’s what the videos are inviting me to infer from their titles that is important. And I can’t change them to pretend that different ones came up – I am simply reporting what I saw when I did the search.
The first video is telling me: “FORTNITE ANDROID on PLAY STORE!!” – something that doesn’t sound like “just speculating when it’ll come out” to me.
(I did change the wording so it doesn’t say the first video tells me where to find the app but simply that it tells me it’s there.)

True. InfamousQuiff uses “click bait” titles. Doesn’t matter if he doesn’t link his videos to bad sites, he does invite more views via click baiting.

The video title doesn’t ask a sneaky click bait question like “Can you get Fortnite on Google Play yet?” It explicitly says “Fortnite on Play”, and includes a mocked up image to reinforce that statement.
Sadly, the prevalence of this sort of falsehood in the search results for “Fortnite Android” doesn’t do much to discourage people from hunting for a URL where they can download it – just as I suggested above.
You called it “click bait.” I used the shorter word “lie”.

Yeah no kidding I have seen it before with these “Giveaway” scams before I think Google should update its YouTube rules stating that if ANY Clickbait giveaways or any Clickbait in general are found in any of your videos past or present you will get an INSTANT 3 strikes against your channel and your channel will be terminated and deleted from the servers and you will be banned from owning any further accounts, that would kill off channels like Infamous Quiff and Lance Stewart along with I think Morgz as well and it would decimate the entire Fortnite clickbait community as well, I wish that is what Google would do it would hurt those people where it hurts the most…THE POCKET!

Alt headline: Fake Fortnite kills users’ joy in epic battle for control of androids.

A welcome return!
Good job you didn’t forget the apostrophe, would have been so easy ;)

Leaving a quick comment to say that this article is great! Props for replying to comments too :)

Ok so I’m an idiot and I downloaded the Battle Royale version but when my friend said it might be fake I powered it off and logged off but I don’t know what to do anymore

Have you logged back on since then? If anything seems off get support about this, there are people that can help you
