Cyber criminals leveraging fake Fortnite for Android apps to generate clicks
June 21, 2018
Cyber criminals have found a new way to fraudulently generate malicious app downloads and earn money: by inserting links to YouTube videos that appear to allow users to play the insanely-popular video game Fortnite on Android devices.
Research by Nathan Collier at Malwarebytes Labs has revealed how hackers are leveraging the worldwide popularity of Epic Games' video game named Fortnite to fool gullible gamers into downloading fake Android apps that mimic the original iOS app and ask users to download more malicious/fake apps in order to unlock the game on their devices.
Fake Fortnite for Android app in circulation
However, unbeknownst to many unsuspecting Android device users, Epic Games are yet to launch the Fortnite game for Android devices even though the iOS app has been around for almost a year. What this means is that links on websites or YouTube videos that appear to be those of Fortnite's Android app are, in all probability, either fake or malicious.
"The scheme goes like this: Get a couple of over-excited people salivating for a chance to play Fortnite on Android, and get paid. The more downloads that come from the website, the more money the malware developers can make," said Collier.
"With the app being so simplistic, the amount of development effort is pretty low for the amount that could be potentially gained. Hopefully, we can help stop the revenue stream by detecting this one as Android/Trojan.FakeFortnite," he added.
According to him, malware developers behind the spread of fake apps masquerading as Fortnite for Android are pasting links on YouTube videos, offering viewers the chance to play the popular video game on Android devices. To increase their chances of success, the developers are including such links to YouTube videos that appear when users search for “How to install Fortnite on Android” or “Fortnite for Android” on Google or YouTube.
Once a viewer clicks on such a link on his Android device, an app named Fortnite gets downloaded from a third party app store that features an icon that closely resembles the one featured by the iOS app, displays the Epic Games logo to further trick users, plays the Fortnite intro song and also features a loading screen that is similar to the original iOS app.
The app then asks the user to go through a mobile verification process that includes several steps, including one that requires the installation of another app from the Google Play Store as well as one that requires the user to verify that he/she is not a bot.
However, even if the user downloads the app and religiously follows the step-by-step procedure to verify his/her authenticity, the user will never be able to play the game as it is obviously a fake.
"Every time there is craze around a new video game release, consequently we see malware authors jumping into the game. Often, it’s an attack against our good senses. They capitalize on that little itch that screams “I want it now!” We suggest listening to that other inner voice that warns, “This seems too good to be true.”
"Our advice: be patient. If you wait for the official release by Epic Games in the Google Play Store this summer, you won’t have the spend the ensuing months cleaning malware off your Android. Stay safe out there!
The rise and rise of third-party app stores
This isn't the first time that malicious developers are using third-party app stores to host fake apps that do not contain any robust security feature or encryption to safeguard the user's privacy but instead, steal device information and spy on user activity while running in the background.
"The malicious app distributed by the store at the time of the investigation was remotely controlled banking malware capable of intercepting and sending SMS, displaying fake activity, as well as downloading and installing other apps," they noted.
Jay Jay is a freelance technology writer for teiss. He has previously written news articles, device reviews and features for Mobile Choice UK website and magazine, as well as writing extensively for SC Magazine UK, Tech Radar, Indian Express, and Android Headlines.
The Coca-Cola company has announced that it suffered a breach of personally identifiable information of about 8,000 people, eight months after law enforcement authorities alerted the company about a possible …
On this episode of the teissPodcast, we talk to Mick Jenkins, CISO of Brunel University, about Advanced Persistent Threat actors, espionage and the targeting of Intellectual Property. Mick talks about …