Epic Games announced today they’d be releasing Fortnite for Android through their own website instead of Google Play. Because of this – or perhaps with our without Epic Games’ help, fake versions of Fortnite began to pop up – they’ve been appearing since the iOS version of the game was first released. Now that Epic Games confirmed that the Fortnite app will be available on the web, not through Google, there’s a whole lot of potential out there for mistaken identities and malicious parties attacking the helpless addicts of the game.
Fake App Example
One of the first most blatant examples of a malicious fake of the app comes from the folks at anizz14. The easiest way to see this username / package name is by downloading the APK, turning the APK into a ZIP file, opening up said ZIP file, and looking at the contents of the Android manifest. There it’ll be, clear as day.
See the image above – That’s part of this app. It looks extremely genuine because it’s using real Fortnite graphics. It’s good enough to fool almost anyone because it’s made with the same components we’ll likely see in the real app! The other two images you see in this article are straight from this 3rd-party fake app too.
This app can be found in basic Google searches and through YouTube links of several sorts. If you’ve searched for “Fortnite for Android” or tapped an advertisement for a “Beta” release of Fortnite on Android, you might’ve downloaded this app. The app was delivered several ways, one of which was through Epic Games Beta dot com. That website’s URL was first registered on April 11th, 2018.
The app looks innocuous. The webpage from whens the app comes from looks perfectly harmless. It looks a bit unprofessional, what with the awful typesetting and all, but still – your average 10-year-old might not notice such a thing. They’ll tap that download button and load the app up faster than you can say “oh god, why, don’t do that, jeepers!”
The app leads the user through a series of tasks which somehow or another earn the malicious party a bit of money. Drop in on the app code if you wish to know all the dirty details. They aren’t great.
This is not the ONLY fake Fortnite app. It’s not even the latest fake Fortnite app. It’s just the easiest to recognize due to its absurdity and ease of access. People will download the app, see the app on their Android home page just fine, and open the app – without trouble! All the malicious bits happen behind the scenes, without much trouble for the user at all – it’s like a fart, silent but deadly.
What can Epic Games do?
Stop trusting search engines to direct users to the correct download location for apps. Downloading games on a PC is different from downloading games on a smartphone. There’s an innocence in mobile gamers that’s been beaten mercilessly out of PC gamers over a period of decades.
A PC gamer knows to check themselves before they wreck themselves. They know to tab out to a new window to check whether a website is the official download point for a new game before they hit that download button. On a mobile phone, double-checking anything is well past the patience and effort threshold of your average smartphone user.
Not only that – once the actual real game is downloaded, if a user ever gets that far, they’ll have to open a secondary door in their phone. They’ll have to open the 3rd-party-sources gate on their Android phone to install the app. I would hope that once the app is installed, the Fortnite app would direct users back to that point in Settings to re-close that gate, so that no more 3rd-party apps could be installed without that guard up.
Most apps do not remind the user to re-close the gate. But most apps aren’t meant to be downloaded outside of the Google Play app store.
Also note: We’re waiting on a comment from Epic Games about the situation. It’s really just developing as of this afternoon, so don’t let’s get too excited about it just yet. Unless nothing changes, in which case GET YOUR PIXELATED PITCHFORKS!
UPDATE: A good move by Epic, assuming it works as intended. Have a peek at the tweet below from Sweeney.
A "download" button is coming to https://t.co/8upfAAOWZE. On the latest Android Oreo devices, this goes directly to a download link which installs the game following user acceptance of several security prompts – no "unknown sources" involved.
— Tim Sweeney (@TimSweeneyEpic) August 3, 2018
UPDATE 2: Epic Games responded to SlashGear’s questions with the following statement from Epic CEO Tim Sweeney.
“First, Epic wants to have a direct relationship with our customers on all platforms where that’s possible. The great thing about the Internet and the digital revolution is that this is possible, now that physical storefronts and middlemen distributors are no longer required.
Second, we’re motivated by economic efficiency. The 30% store tax is a high cost in a world where game developers’ 70% must cover all the cost of developing, operating, and supporting their games. There’s a rationale for this on console where there’s enormous investment in hardware, often sold below cost, and marketing campaigns in broad partnership with publishers.
But on open platforms, 30% is disproportionate to the cost of the services these stores perform, such as payment processing, download bandwidth, and customer service. We’re intimately familiar with these costs from our experience operating Fortnite as a direct-to-customer service on PC and Mac.” – Epic Games CEO Tim Sweeney
What can gamers do?
Make sure that the ONLY webpage you download Fortnite from is EPIC GAMES DOT COM. To make absolutely sure you’re at the right place, tap the link below and drop in on the “Get Started” link. If you’re willing to wait for it, you’ll be able to get signed up for the Android notification email which will, inevitably, lead to the correct download page when it’s made available.
1. Go to EpicGamesDotCom slash Fortnite slash en-US slash mobile
2. Click the Get Started Link
3. Get email with link
3. Wait until there’s a download button on Epic Games Dot Com (ONLY!)
At NO POINT will there be a BETA release for this app. The app will not be released early for any device other than the Galaxy Note 9, and it’ll probably be exclusive for at least a month, if not more. If you or someone you know appears to be playing Fortnite on an Android device before the end of August, you or they are probably on the receiving end of a scam the likes of which you’ll have been told so about.