An alarming percentage of Fortnite Android apps put user privacy at risk

14 Sep 2018

Fortnite logo on mobile phone. Image: Alberto Garcia Guillen/Shutterstock

According to new research, Fortnite fans may be putting their privacy at risk when using Android apps that are claiming to be the gaming phenomenon.

Fortnite is becoming increasingly popular as hype continues to grow around the game. According to its developer, Epic Games, the number of Fortnite players now stands at a stunning 125m people.

While the game is undoubtedly massive, there has been criticism levelled at its developers, particularly around the development of the Android version. The Android version is set to officially launch later this September, but users are being duped already.

Reports of fake apps have dogged Epic Games for a few months and now research from Top10VPN shows that apps purporting to be Fortnite for Android have some pretty invasive permissions that are required before installation.

Fake Fortnite apps invade user privacy

The research from Top10VPN shows that more than 20pc of the apps professing to give beta access to the game on Google Play and other platforms ask excessive permissions of users before they can play. These include allowing access to their contacts, dialling a number without their knowledge, installing software silently in the background, and monitoring when they are making a call and who they are calling.

There are some major risks with permissions such as these. Allowing access to the camera could allow anyone watching to essentially collect images that the camera is seeing at any point. Consenting to location details allows mobile users to be tracked in the real world.

Malware dangers lurking in disguise

Top10VPN also found that while some of the apps do allow users to play the game, approximately 30pc of Fortnite ‘apps’ found through Google Search were just thinly veiled guides to the game that were in fact adware. 10pc of the apps were total scams, containing no game files or content at all. These raised numerous red flags for malware such as trojans during scans.

Head of research at Top10VPN, Simon Migliano, said: “It’s easy to glibly dismiss the risks associated with downloading these rogue apps by saying you should never download ‘pirated’ software. The issue is that Fortnite has an enormous global audience, many of whom are children, who are used to downloading games from the official Play store.

“Publisher Epic’s decision to protect their revenue and distribute the game directly forces these users into search engines and third-party marketplaces where it’s hard to avoid the rogue APK files that we analysed.

“I would expect a significant proportion of the player base wouldn’t even know who the publisher is nor to go their website. This is not the user experience they have grown up with and it’s unfortunately left them vulnerable to opportunistic scammers.”

Fortnite logo on mobile phone. Image: Alberto Garcia Guillen/Shutterstock

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com