After watching friends play Fortnite on their iPhones for months, you may have downloaded the game the second it became available for your Android phone. I get it. But doing so could have put you at risk.
As spotted by Android Central, Google has disclosed a huge vulnerability in Epic Games’ original Fortnite installer for Android, one that could have taken advantage of the Fortnite installer to install and launch a rogue app, and even give that app access to your phone’s data without you ever knowing.
For the attack to work, it sounds like you would have already needed to have a piece of malware on your phone, ready and waiting to strike. But not a particularly sophisticated one. After you ask the Fortnite Launcher to download Fortnite, Google claims that any app with the WRITE_EXTERNAL_STORAGE permission would have been able to sneakily replace the real Fortnite app with a fake one after security checks were already complete. It’s known as a “man-in-the-disk” attack.