Last September, security researchers reported a number of
app publishers that practice a shady business model, charging excessive amounts
for apps if the user does not cancel the “subscription” before a free trial
ends. Although Google Play decommissioned the reported apps, researchers have
discovered a new fleet of 25 Android apps that overcharge users.
The addition of ‘fleeceware’ to the cybersecurity landscape
may stir up some serious concern, as the number of installations totals 600
million, rivaling some of the top legitimate apps found on Google Play. The
most recent list of apps known to practice this business model can be found
So how does fleeceware actually work and why does it pose a threat
Security researchers coined the
term “fleeceware” after discovering the behavior of covert apps on Google Play.
As the apps do not use traditional malware, they have managed to stay off the
radar and charge users extremely high amounts of money for subscriptions. The apps can range from QR readers and
calculators to photo editors and even fortunetellers.
For example, one of the apps,
called Fortunemirror, would provide a 3-day free trial, after which the user
would be charged $69.99 per week. If you do the math, the annual subscription
would cost more than $3,000. Even if the apps clearly state that no charges are
applied if you cancel prior to the end of the trial, some negative reviews on
the platform say otherwise.
Additionally, some apps advertise
5-star reviews that boost their ranking on the Play Store. Analysts suspect the
app developers bought some of the customer reviews and used pay-per-install
services to expand install counts.
Here are some tips that you can
use the next time you are in search of a new app for your Android phone:
- Avoid unprofessional-looking apps claiming a
high install count
- Instead of sketchy apps, find alternatives
posted by reputable developers
- Be skeptical of one-word four or five-star
- Read the fine print and the trial prompt
- Check for subscriptions in your Google Play
account and cancel any suspicious ones
- Keep copies of correspondence with the app
publishers in case you need to file a dispute
Most recently, our Bitdefender
researchers have discovered 17
Google Play apps that hide their presence on the device after installation
and display aggressive ads to their users. This is why we encourage users to always
have a security solution installed on their devices that can accurately
identify these apps and prevent users from installing them.