Fleeceware – 25 Play Store apps that empty your pockets

Last September, security researchers reported a number of app publishers that practice a shady business model, charging excessive amounts for apps if the user does not cancel the “subscription” before a free trial ends. Although Google Play decommissioned the reported apps, researchers have discovered a new fleet of 25 Android apps that overcharge users.

The addition of “fleeceware” to the cybersecurity landscape may stir up some serious concern, as the number of installations totals 600 million, rivaling some of the top legitimate apps found on Google Play. The most recent list of apps known to practice this business model can be found below:

So how does fleeceware actually work and why does it pose a threat to users?

Security researchers coined the term “fleeceware” after discovering the behavior of covert apps on Google Play. As the apps do not use traditional malware, they have managed to stay off the radar and charge users extremely high amounts of money for subscriptions.  The apps can range from QR readers and calculators to photo editors and even fortunetellers.

For example, one of the apps, called Fortunemirror, would provide a 3-day free trial, after which the user would be charged $69.99 per week. If you do the math, the annual subscription would cost more than $3,000. Even if the apps clearly state that no charges are applied if you cancel prior to the end of the trial, some negative reviews on the platform say otherwise.

Additionally, some apps advertise 5-star reviews that boost their ranking on the Play Store. Analysts suspect the app developers bought some of the customer reviews and used pay-per-install services to expand install counts.

Here are some tips that you can use the next time you are in search of a new app for your Android phone:

• Avoid unprofessional-looking apps claiming a high install count
• Instead of sketchy apps, find alternatives posted by reputable developers
• Be skeptical of one-word four or five-star reviews
• Read the fine print and the trial prompt
• Check for subscriptions in your Google Play account and cancel any suspicious ones
• Keep copies of correspondence with the app publishers in case you need to file a dispute

Most recently, our Bitdefender researchers have discovered 17 Google Play apps that hide their presence on the device after installation and display aggressive ads to their users. This is why we encourage users to always have a security solution installed on their devices that can accurately identify these apps and prevent users from installing them.