> For the attack to work, it sounds like you would have already needed to have a piece of malware on your phone, ready and waiting to strike. But not a particularly sophisticated one. After you ask the Fortnite Launcher to download Fortnite, Google claims that any app with the WRITE_EXTERNAL_STORAGE permission would have been able to sneakily replace the real Fortnite app with a fake one after security checks were already complete. It's known as a "man-in-the-disk" attack.