The popular game “Fortnite” is attracting malware offering up bogus Android versions.
Gamers hungry for the Android version of the app – it’s currently only available on mobile on iOS – are a prime target for bad actors, according to Hacker News.
They’ve become a big target, as “Fortnite” has grown. In less than a year, the survival game has grown to 125 million players, Epic Games said in a blog post in June. And players have been spending close to $300 million a month, according to the most recent data.
This has triggered a wave of searches, including tutorials on downloading Fortnite on Android, according to Hacker News.
“Due to the massive interest of users surrounding the Fortnite game, many gaming and tutorial websites have started taking advantage of Android users’ impatience with frighteningly convincing scams, which is all over Google and YouTube as well,” Hacker News said.
“Fortnite Battle Royale” is available on Nintendo Switch, PlayStation 4, Xbox One and the aforementioned iOS. The game will have an official Android release this summer.
Analysis shows active scams
People are unwittingly finding the bogus software via searches such as “How to install Fortnite on Android” or “Fortnite for Android” or stumbling across links in YouTube ads, according to a blog post by Malwarebytes Labs’ analyst Nathan Collier.
For example, YouTube videos are already showing up with links to fake Android versions, Collier stated.
Malwarebytes spells out one typical scenario. A fake app, replete with a stolen “Fortnite” icon from the iOS version, takes you to a splash screen showing a legit-looking Epic Games logo and loading screen. After that, things “go sideways,” according to Malwarebytes. “Unlock instructions” and “tap to install” screens appear but at that point you’ve hit a dead end.
“The bad news is that no matter how many apps you download, the game never unlocks—because it never existed within the malicious app in first place,” Collier wrote.
Malwarebytes has set up a separate page called “Android/Trojan.FakeFortnite,” the name given to the “clickbait trojan” for the Android platform that pretends to install “Fortnite.”
The upshot is that malware actors make money – and that’s not a good thing: more downloads from fake sites means more money for the bad guys.
“It’s similar to false advertising,” Collier told Fox News in an email. “The malware developers promise something they never intend to delivery, a working Fortnite for Android game. Even worse, they steal from the legitimate Apple iOS version to mislead users,” he said.
Collier explains that it’s not the threat of infection per se. “Malware like FakeFortnite are…in a ‘grey’ area. There may not be an actual malware/infection threat, but sending users down a rabbit hole like this were they are left empty handed is still considered malicious activity,” he said.