Fleeceware apps installed by over 600m Play Store users

A new set of “fleeceware” apps have been discovered that appear to have been downloaded and installed by over 600m Android users according to security researchers at Sophos.

The cybersecurity firm first coined the term fleeceware last September after it discovered a new type of financial fraud taking place on the Google Play Store. The term itself refers to apps that abuse the ability to offer trial periods to users before their accounts are charged.

When a user signs up for an Android app trial period, they have to manually cancel the trial to avoid being charged. Most users just uninstall apps they don't like and the majority of app developers take this as a sign that they wish to cancel the trial period without being charged.

However, last year Sophos discovered that some app developers didn't cancel an Android app's trial period after it was uninstalled and instead kept charging them despite the fact that they were no longer using the app.

Fleeceware apps

According to Sophos, the firm said that it initially discovered 24 Android apps that were charging high fees, between $100 and $240 per year, for simple apps such as QR readers and calculators after their trial periods ended.

In a recent report though, Sophos revealed that it had discovered another set of Android fleeceware apps that were installed by over 600m Android users. The company's Jagadesh Chandraiah explained how these fleeceware apps were able to become so popular on the Play Store in a blog post, saying:

“Some of these apps are very unprofessional looking. Based on past experience, it may have been the case that these app developers could have used a paid service to bloat their install counts and forge a large number of four- and five-star reviews. You can identify some of these falsified user review clusters if you scrutinize the recent 5 star reviews; one-to-three word, five star reviews have a propensity to be “sockpuppet” reviews.”

Fleeceware apps remain a problem that Google will have to deal with on the Play Store but to prevent falling victim to their scams, it is recommended that users think twice about signing up for a trial period, remember to cancel any trial periods they do sign up for and check their Play Store payment history for any suspicious charges.

Via ZDNet


Source: techradar

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>