Fake Fornite Games Flood Unofficial Android Repositories

A recent rash of videos posted to YouTube claiming to show Fortnite footage recorded on mobile devices running Google Android apparently include links to scam versions of the game, according to sources. Videos linking to fake versions of Fortnite have been viewed several million times. None of these fake apps have made it onto the Google Play Store, but they’re easy enough to find on unaffiliated repositories linked to by search engines.

Nathan Collier, a security analyst who works with top firm Malwarebytes, said that at least one version of the app looks remarkably realistic at first. The developers of the fake app stole a Fortnite icon directly from the Apple iOS version of the game, making it look real.

The app actually redirects users to a browser page that asks them to download other apps in order to play the game. Apps are sometimes presented as dependencies that Fortnite needs to run on the device. More often, these downloads are presented as offers that need to be completed in order to access the full version of the game in lieu of microtransactions.

Considering how reliant some modern video games have become as a result of the use of microtransactions, users might easily get tricked into believing that these offers screens are legitimate. Ultimately, there’s no actual Android version of the game no matter how many links a user agrees to.

However, scammers who run the fake operation get paid each time someone downloads one of these apps from the sites they’re linked to. This is similar to many other scams that involve allegedly free book and movie downloads, though this operation is particularly concerning because it actually uses the brand image of a genuine game rather than a generic promise of something for nothing.

No action on behalf of YouTube administrators seemed to be taken at the time of this writing, though this is quite possibly because the AI module used to flag harmful videos simply hadn’t been triggered yet. Offending content will probably be removed within the next few days now that the story has broken, though gamers are urged to be careful when looking at unofficial Android packages to avoid installing harmful or nonexistent software on their mobile devices.

Tags

John Rendace


John is a GNU/Linux expert with a hobbyist's background in C/C++, Web development, storage and file system technologies. In his free time, he maintains custom and vintage PC hardware. He's been compiling his own software from source since the DOS days and still prefers using the command line all these years later.
Close