Identifying fleeceware, a new threat from apps that drain users' money


Fleeceware is odd: nothing in the source code of these applications looks malicious, yet they can still drain users' money through unclear, high-cost charges.
Facts: The Internet and unpredictable dangers
Downloading mobile apps from official stores such as Google Play and the Apple App Store is considered safer, but even then there is a risk of malicious apps sneaking in.

You may have heard of spyware, adware and malware, but now there is another type of app to watch out for: fleeceware.

Fleeceware is unusual because nothing in the code of these applications looks malicious. They do not steal your data or try to take control of your device, unlike the malware that Google's and Apple's review processes are designed to catch.

Instead, this tactic uses apps that work exactly as advertised but come with an exceptionally high hidden subscription fee. A flashlight app that costs $9 per week or a basic photo filter app that costs $30 per month is fleeceware, because you can get the same kind of tool for free or much cheaper.

Sophos, the security company that coined the term fleeceware, found 25 such apps on Google Play in January this year with a combined total of over 600 million downloads. In early April, the researchers also identified 30 apps in the iOS App Store that fall into this category. According to Forbes.com, the iOS VPN apps Beetle VPN, Buckler VPN and Hat VPN Pro can all be considered fleeceware.

"In a market economy, you might think that if someone wants to waste $500 a year on a flashlight app, that's their problem," said John Shier, senior security advisor at Sophos. "But it is an unreasonably high price that you have to pay and it is not done properly. That is unethical to me."

Although fleeceware does not take your data or hijack your device, it often ignores the rules that Apple and Google set about when and how developers may charge in-app billing and subscription fees.

Some fleeceware promises a trial period but prompts you to pay the first time you open the application. Other fleeceware states that the subscription fee will be one amount, but then actually charges more when payment is taken. These applications also take advantage of users who do not know how to cancel a subscription, continuing to charge them long after they have deleted the app. "The App Store supports a trial period when you sign up for a subscription: it is free for a while, but then it will charge you if you do not cancel before the end of the free period," said Thomas Reed, an Apple-focused security researcher at the security firm Malwarebytes. "Fleeceware delays the credit card charge in the hope that the user will not know what those charges are later."

Fleeceware can siphon money from users through unclear charges.

Reed also pointed out that a few years ago some iOS apps tricked users into confirming what looked like an unimportant Touch ID prompt that in fact approved a hidden payment. Apple has since banned this type of trap.

Sophos researchers say that much of the fleeceware they saw last year charged only annually, but scammers are now tending to switch to monthly or weekly payments. This may be an attempt to reduce price shock, letting scammers charge more over time while the payments blend in with the legitimate online services and subscription apps people are already using.

In addition, Sophos researchers suspect that many fleeceware developers use "zombie" accounts to give an app five-star ratings or to inflate its download count, making the app look more trustworthy.



Operated, with advertising managed, by iCOMM Vietnam Media and Technology Joint Stock Company.
Editor in chief: Tran Vo

Responsible agency: Union of Science and High-Tech Production and Telecommunications (HTI)
Copyright © 2022 iCOMM Tech JSC