Cyber Security

Android ‘fleeceware’ apps installed by 600 million users

0

Security researchers from Sophos stated that they have found a new set of “fleeceware” apps which were downloaded and installed by more than 600 million Android users.

The term fleeceware has been newly added to the cyber-security jargon by the UK-based cyber-security firm Sophos last September following an investigation that lead to a new type of financial fraud on the official Google Play Store.

Fleeceware refers to the apps that misuse the ability for Android apps to run trial periods before a payment is charged to the user’s account.

All the users who sign up for an Android app trial period must cancel the trial period manually to avoid being charged. But most users just uninstall an app when they do not like it.

A large number of app developers interpret this action of a user uninstalling their app as a trial period cancelation and do not charge them for it.

However last year, Sophos found that some Android app developers did not cancel an app’s trial period when the app is uninstalled and they don’t receive a specific request from the user.

It was found that 24 Android apps were charging obscene fees (between $100 and $240 per year) for the most basic apps, such as QR/barcode readers and calculators. Such apps were called by the Sophos researchers as “fleeceware.”

According to a new report published, the researchers found another set of Android “fleeceware” apps that have continued to abuse the app trial mechanism to inflict charges to users after they uninstalled an app.

These apps were installed by more than 600 million users. According to Sophos mobile malware analyst Jagadeesh Chandraiah, the apps might have used third-party pay-per-install services to boost install counts and then bought fake five-star reviews to boost their ranking on the Play Store and attract a large number of users.

The list of 21 Fleeceware Android Apps includes Astrofun, Easysnap, VCUT, Face X Play, Fortunemirror, Filmigo, Go Keyboard, Go Keyboard Lite, Go SMS Pro, Go Recorder, Go Security, Z Camera, Master Recorder, S Photo Editor, Wonder Video, Clipvue, Filmix, Photo Recovery & Video Recovery, ScreenRecorder, V Recorder and V Recorder

It is not sure that whether all users who installed these apps signed up for a trial period, but those who did must end the trial period and delete them now. Just simple uninstallation alone won’t work. They are also are advised to check their Play Store payment history for any charges coming from past, now-uninstalled apps.

It is always better to avoid using Android apps with free trials. Those users who already have such apps, must read the terms and conditions properly.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Facebook patched a bug that exposed Page Admins Info

    Previous article

    P&N Bank discloses Data Breach

    Next article

    You may also like

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *