Critical Flaw in Fortnite Android App Lets Hackers Install Malware...

On Samsung devices, the Fortnite Installer performs the APK install silently via a private Galaxy Apps API. This API checks that the APK being installed has the package name com.epicgames.fortnite. Consequently, the fake APK with a matching package name can be silently installed," Google researcher said.
"If the fake APK has a targetSdkVersion of 22 or lower, it will be granted all permissions it requests at install-time. This vulnerability allows an app on the device to hijack the Fortnite Installer to instead install a fake APK with any permissions that would normally require user disclosure.

Want to join the Penetration Testing community? Join our Discord server!
https://discordapp.com/invite/rrRQGnJ

Do you enjoy the content on this channel? YouTube ad revenue is virtually non-existent so please consider funding Penetration Testing via Patreon:
https://www.patreon.com/penetrationte...

Facebook Page: https://www.facebook.com/kaliforensics

Pinterest: https://www.pinterest.com/penetration...

Instagram: https://www.instagram.com/penetration...

Google+: https://plus.google.com/b/10053333383...

Thanks For Watching....

Like Share & Subscribe.....