Google announced extremely serious flaw detected in the Fortnite app

by Gabriel E. Hall

Google has announced that an extremely serious vulnerability has been detected in Fortnite, the popular gaming app for Android.[1]

Fortnite app vulnerability

The Fortnite installer could enable other applications installed on the device to exploit the vulnerability and manipulate the installation process so that malicious software is downloaded instead of the actual Fortnite application.

Even though security researchers warned the software developer Epic Games about potential security risks, the company announced that the popular gaming app Fortnite for Android would be available to download through its own app instead of the official Google Play app store.

It is worth mentioning that users are recommended to download apps for Android only through the official Google Play app store. In addition, a user who wants to download an app outside of the Google Play store needs to adjust some of the security features on the device.[2]

Security researchers at Google provided users with a proof-of-concept video that illustrates a potential attack taking advantage of the man-in-the-disk vector, also known as MiTD.

In a nutshell, man-in-the-disk attacks allow malicious apps to manipulate the data of other apps held in the unprotected external storage before they read it, resulting in the installation of undesired apps instead of the legitimate update.

Google also has announced that the WRITE_EXTERNAL_STORAGE permission could be used to intercept the installation and replace the file with a malicious app instead.

According to a developer at Google, the Fortnite Installer performs the APK install silently via a private Galaxy Apps API on Samsung smartphones and tablets.[3]

This API checks that the APK being installed has the package name com.epicgames.fortnite. Consequently, the fake APK with a matching package name can be silently installed. If the fake APK has a targetSdkVersion of 22 or lower, it will be granted all permissions it requests at install-time. This vulnerability allows an app on the device to hijack the Fortnite Installer to instead install a fake APK with any permissions that would normally require user disclosure.
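The gap between a name-only check and a content check, shown as an added example that is not code from Epic Games, Samsung or Google. It is a Python simulation: a constructed ZIP with a JSON manifest stands in for an APK, a temporary directory stands in for external storage, and the pinned SHA-256 digest is an assumed hardening, not a description of the actual patch.

```python
import hashlib, hmac, io, json, os, tempfile, zipfile

EXPECTED_PACKAGE = "com.epicgames.fortnite"  # package name quoted in the article

def build_package(package, payload):
    """Constructed stand-in for an APK (real APKs carry a binary XML manifest)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("manifest.json", json.dumps({"package": package}))
        z.writestr("classes.dex", payload)
    return buf.getvalue()

def package_name(data):
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        return json.loads(z.read("manifest.json"))["package"]

def weak_check(path):
    """Name-only check as the article describes: any file claiming the name passes."""
    with open(path, "rb") as f:
        return package_name(f.read()) == EXPECTED_PACKAGE

def hardened_check(path, pinned_sha256):
    """Read the file once, compare its digest with a publisher-pinned value
    (assumed to arrive over an authenticated channel), and return the verified
    bytes so the installer uses exactly what was checked. None means reject."""
    with open(path, "rb") as f:
        data = f.read()
    if not hmac.compare_digest(hashlib.sha256(data).hexdigest(), pinned_sha256):
        return None
    return data if package_name(data) == EXPECTED_PACKAGE else None

def demo():
    genuine = build_package(EXPECTED_PACKAGE, b"genuine game code")
    pinned = hashlib.sha256(genuine).hexdigest()
    substitute = build_package(EXPECTED_PACKAGE, b"different code, same name")
    with tempfile.TemporaryDirectory() as shared:  # stands in for external storage
        path = os.path.join(shared, "download.apk")
        with open(path, "wb") as f:
            f.write(genuine)
        before = (weak_check(path), hardened_check(path, pinned) is not None)
        with open(path, "wb") as f:  # file rewritten between download and install
            f.write(substitute)
        after = (weak_check(path), hardened_check(path, pinned) is not None)
    return before, after

if __name__ == "__main__":
    print(demo())
```

After the file is rewritten, the name-only check still accepts it while the digest check rejects it; keeping the download in app-private storage removes the write access that makes the substitution possible in the first place.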

Patch Update available

Impacted only Samsung devices

The Fortnite installer was launched exclusively on Samsung devices. As a result, the flaw only affected the installer available on the Galaxy Apps store.

The patch was introduced 48 hours after Google reported the issue. Thus, users are highly recommended to install the updated Fortnite installer, version 2.1.0.

The company has not released any more information on this vulnerability. Thus, it is not clear if the flaw has been exploited in the wild or how many users have downloaded the vulnerable Fortnite Installer.

About the author

Gabriel E. Hall - Antivirus software specialist
