Epic Games had made it to the headlines when it decided to distribute Fortnite for Android via its official site instead of Google Play Store. This decision was expected to save a lot of money, which would otherwise be paid as Play Store commission. However, it seems that the plan does not offer much security when compared to the Play Store model. According to the latest reports, the Fortnite installer app can be hijacked by hackers and used to install ‘any’ kind of app on the particular Android device. This can be performed without consent of the Android user, making things worse.
Experts had warned about this possible scenario when Epic Games decided to ditch Google Play Store. That having said, no one expected that the issue would arise so far. This is how the problem works: when a user downloads Fortnite from the official website, they are downloading the installer program. This installer app would later download the full app into the mobile device. The problem here is that the installer app can be easily hijacked and used for downloading malicious content. So, in the worst-case scenario, a user would be downloading some malware and launching them when they hit the Launch button on the app.
Of course, it’s not like that anyone who downloads Fortnite installer would face this issue. The request for downloading the malicious content are made by some other not-so-trustworthy apps on the device. As it’d happen, the Fortnite Installer works as the perfect gateway for that. The biggest problem here is that users won’t be notified when another app is being installed. Because you have given permissions for the Fortnite Installer, there won’t be permission-based prompts either. It should be noted that the flaw was exposed by Google itself, which might have some advantages through the act. Later versions of the Installer do not have this issue.