A critical flaw was discovered in the popular Fortnite game, making it vulnerable to man-in-the-disk attacks
The flaw was discovered by Google security researchers in the Android version of Fortnite. The Android version of the game was recently launched, and instead of releasing it through the Google Play Store, Epic Games decided to distribute it directly through its website. The vulnerability could allow malicious apps already installed on a user's device to hijack the download process and install other malicious apps.

When you download Fortnite directly from the website, you don't download the whole game; you first download the Fortnite Installer app. The installer then downloads the full game from Epic's website. The vulnerability lies in the installer app: it allows an attacker to hijack the request to download the game from the website and instead have anything downloaded to your device when you click the download button. This is known as a man-in-the-disk attack.

These attacks are possible when an app uses external storage to store its data. The installer app uses the device's External Storage space to download and install the actual game.

“Any app with the WRITE_EXTERNAL_STORAGE permission can substitute the APK immediately after the download is completed and the fingerprint is verified. This is easily done using a FileObserver. The Fortnite Installer will proceed to install the substituted (fake) APK.”

On Samsung smartphones the game is installed silently via a private Galaxy Apps API. The API checks whether the package name is com.epicgames.fortnite, so an attacker can use this to install a fake APK with the same package name.

“If the fake APK has a targetSdkVersion of 22 or lower, it will be granted all permissions it requests at install-time. This vulnerability allows an app on the device to hijack the Fortnite Installer to instead install a fake APK with any permissions that would normally require user disclosure,” the Google security researchers said in their published post.

Google researchers discovered the vulnerability on August 15 and reported it to Epic Games immediately. Epic patched the vulnerability within 48 hours of the notification and deployed the fix to all customers. Android users are advised to update the app immediately.
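The weakness described above is a gap between verifying the downloaded file and installing it while the file sits in storage that other apps can write to. The following is an added example, not code from Epic, Google or the original post: a Python model of that flow next to a hardened variant, with temporary directories standing in for external and app-private storage and all function names hypothetical.

```python
import hashlib, os, shutil, tempfile

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def install_check_then_use(shared_path, expected, between=lambda: None):
    """Flawed flow: verify the file in shared storage, then reopen it by path."""
    if sha256_file(shared_path) != expected:
        raise ValueError("fingerprint mismatch")
    between()  # window in which any other writer to shared storage can act
    with open(shared_path, "rb") as f:
        return f.read()  # bytes that would be handed to the package installer

def install_from_private_copy(shared_path, expected, private_dir, between=lambda: None):
    """Hardened flow: copy to app-private storage, verify and install that copy."""
    fd, staged = tempfile.mkstemp(dir=private_dir)  # created with mode 0600
    try:
        with os.fdopen(fd, "wb") as dst, open(shared_path, "rb") as src:
            shutil.copyfileobj(src, dst)
        if sha256_file(staged) != expected:
            raise ValueError("fingerprint mismatch")
        between()  # later writes to shared storage no longer matter
        with open(staged, "rb") as f:
            return f.read()
    finally:
        os.unlink(staged)

def demo():
    # Constructed sample data; no real APKs are involved.
    genuine, other = b"constructed genuine package", b"constructed substitute"
    expected = hashlib.sha256(genuine).hexdigest()
    with tempfile.TemporaryDirectory() as shared, tempfile.TemporaryDirectory() as private:
        path = os.path.join(shared, "game.apk")
        def write(data):
            with open(path, "wb") as f:
                f.write(data)
        write(genuine)
        flawed = install_check_then_use(path, expected, lambda: write(other))
        write(genuine)
        hardened = install_from_private_copy(path, expected, private, lambda: write(other))
    return flawed == genuine, hardened == genuine

if __name__ == "__main__":
    print(demo())
```

On Android the private staging directory corresponds to the app's internal storage, which other apps cannot write to; the point is that the bytes that were hashed are the same bytes that get installed.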