Last September, security researchers reported a number of app publishers that practice a shady business model, charging excessive amounts for apps if the user does not cancel the “subscription” before a free trial ends. Although Google Play decommissioned the reported apps, researchers have discovered a new fleet of 25 Android apps that overcharge users.
The addition of “fleeceware” to the cybersecurity landscape may stir up some serious concern, as the number of installations totals 600 million, rivaling some of the top legitimate apps found on Google Play. The most recent list of apps known to practice this business model can be found below:
So how does fleeceware actually work and why does it pose a threat to users?
Security researchers coined the term “fleeceware” after discovering the behavior of covert apps on Google Play. As the apps do not use traditional malware, they have managed to stay off the radar and charge users extremely high amounts of money for subscriptions. The apps can range from QR readers and calculators to photo editors and even fortunetellers.
For example, one of the apps, called Fortunemirror, would provide a 3-day free trial, after which the user would be charged $69.99 per week. If you do the math, the annual subscription would cost more than $3,000. Even if the apps clearly state that no charges are applied if you cancel prior to the end of the trial, some negative reviews on the platform say otherwise.
Additionally, some apps advertise 5-star reviews that boost their ranking on the Play Store. Analysts suspect the app developers bought some of the customer reviews and used pay-per-install services to expand install counts.
Here are some tips that you can use the next time you are in search of a new app for your Android phone:
Most recently, our Bitdefender researchers have discovered 17 Google Play apps that hide their presence on the device after installation and display aggressive ads to their users. This is why we encourage users to always have a security solution installed on their devices that can accurately identify these apps and prevent users from installing them.
tags
Alina is a history buff passionate about cybersecurity and anything sci-fi, advocating Bitdefender technologies and solutions. She spends most of her time between her two feline friends and traveling.
View all postsDecember 19, 2024
November 14, 2024