Fortnite experts risk becoming victims of malware infections on their phones, following the decision of the developer of Epic Games to omit Google Play Store to publish the game on its own website, security experts warned.
The popular real battle game, which is now available for PCs, home consoles and iOS, is now available on select Samsung devices and will soon be available on other Android phones. But in an unusual decision, Epic Games will not publish Fortnite in Google’s leading Android app store, but instead hosts the application for download.
Unlike iOS, Android allows users to install applications downloaded from the Internet and even install competing application stores. But the option is disabled by default, and security experts have warned that this is for good reason.
“The decision of Epic Games to publish the Android version of Fortnite outside the Play Store is a very bad option for the security of its players,” said Rob Shapland, senior cyber security consultant at Falanx Group.
“Android devices are already much more susceptible to malicious programs than Apple devices, with the greatest protection being to always download Play Store applications, since these applications are detected to detect malware, which prevents most of them from being installed. of malicious applications, “Shapland added. “By encouraging users to download Fortnite outside the Play Store, Epic Games leaves its players vulnerable to malicious copy apps that accidentally install themselves if they go to the wrong place.”
The threat of an attack is not hypothetical. Even before Epic announced that Fortnite would come to Android, the game was often used by malicious actors as bait to encourage naïve users to install malware, deliver their payment details or just look at ads, said Sean Sullivan, a security adviser. of F- Insurance. “A useless application would request the installation of three additional applications.
“This kind of scenario is very discouraging, I would like to believe that young people will be more immune to scams, but the market for free apps and YouTube trash is basically conditioning them to ignore best practices of any kind. they veto nothing. ”
In addition to offering the immediate risk of malware infections, Epic’s decision could undermine the overall security of the Android ecosystem, said Lukas Stefanko, an ESET malware analyst. “If the producers of other popular games follow the footsteps of Fortnite and begin to ignore the Google Play Store, this could have a dangerous impact on the security of those who play on Android, as they would be much more vulnerable to installing applications from sources unknown., which could be malicious. ”
Shapland agreed, noting that the move “normalizes the behavior of downloading applications from outside the Play Store, which can only cause more malicious applications to be installed in the long term.”
Google’s control of the Android application ecosystem has been a mixed blessing for the company. By acting as an effective guardian, it has managed to maintain a limit on malware on the platform, as well as protect against fragmentation, ensuring that most Android applications can run on most Android phones. But it has also been discovered that the company is abusing its monopoly, which translates in part into a billions of euros fine from the EU Competition Commission.