Epic Gaming’s decision to offer the Android version of the popular game Fortnite via its own website instead of through the Google play stores is continuing to stir up controversy and raise security questions.
Last month, the company announced that Fortnite’s Android version would require users to disable their security settings to install the app outside the Google Play store in an effort to skirt Google Play’s commission charges.
This created a unique set of issues including putting children in a position of having to enable the “allow installs from unknown sources” option on their devices opening them up to exposure to rogue malicious apps by mistake.
Researchers noted that a lot of stakes rely on the how well the official app is promoted and how efficiently game developers are in ensuring users only download the game from one specific ling.
In addition, Epic must also ensure its own sites don’t fall victim to sophisticated SEO scams which point traffic away from their own site and into malicious downloads. Unsurprisingly, this created some issues for users in the aftermath of the decision after news broke that Epic’s Fortnite Installer could allow threat actors to silently download and install anything on a user’s device as a result of disabling the security feature.
“In the end, it wasn’t even a rogue app causing mayhem but an issue found with Fortnite’s installer that allowed for the possibility of rogue apps onboard to hijack the installer and install their own junkware,” Malwarebytes researchers said in the report. “The so-called “Man in the Disk” attack looks for apps not locking down external storage as well as they should, and quickly gets to work exploiting things happening under the hood.”
Researchers noted that this situation is not unique to Epic and Fortnite but is just an example of problems to come as mainstream apps require users to enable the “allow installs from unknown sources” feature in order to access their products.