Avast discovers 200 new fleeceware apps on Play Store and App Store that extracted $5.3Mn from Indian users - Android

Get it on Google Play

Avast discovers 200 new fleeceware apps on Play Store and App Store that extracted $5.3Mn from Indian users - Android

We have all heard of malware, spamware and adware, as these terms…
Google Play Store

We have all heard of malware, spamware and adware, as these terms have become part of the cultural zeitgeist ever since technology took over our lives. However, among these, a relatively unknown type of ‘ware’-fleeceware, usually goes unnoticed, and is able to affect users in large numbers due to its anonymity. Well, Avast has got your back, and the leading digital security and privacy company has found 200 new fleeceware apps on Google’s Play Store and Apple’s App Store.

Before we get into the nooks and crannies of this topic, it’d probably be better to know what fleeceware apps are. Contrary to malware, adware, and other con apps, fleeceware apps do not try to steal your data or take control of your device. In fact, going by first impressions, they seem virtually harmless, with no treacherous coding. That is why neither Google nor Apple’s firewall stops them from being uploaded to their app stores. However, on closer inspection, you will find that these apps charge unusually high subscription fees, which are usually hidden.

An example of this would be a flashlight app that costs $66/ week.

According to Avast, these apps attract users with a promise of a free 3-day trial, with an unusually high subscription fee attached. Once the trial is over, users are charged a recurring subscription fee – even if they deleted the app by that time – until they cancel the subscription in their device’s app subscriptions settings.

Why should you care about a scam that you have never heard of? Because fleeceware apps are way more common than you probably think. In fact, according to Avast, in India, the 200 new fleeceware apps were downloaded nearly 12 million times from App Store and 84.5 million times from Google PlayStore, extracting almost $3.2 million from iOS and $2.1 million from Android users. These apps have been downloaded approximately one billion times and accrued over $400 million in revenue so far.

Moreover, one of the apps that Avast caught charged $66 per week subscription, which means that by the end of the year, a user would have paid $3,432 for an app that has 100s of free substitutes.

The company discovered these apps using its mobile threat intelligence platform apklab.io.

“The fleeceware applications we’ve discovered consist predominantly of musical instrument apps, palm readers, image editors, camera filters, fortune tellers, QR code and PDF readers, and ‘slime simulators’. While the applications generally fulfil their intended purpose, it is unlikely that a user would knowingly want to pay such a significant recurring fee for these applications, especially when there are cheaper or even free alternatives on the market,” said Avast’s Threat Analyst Jakub Vávra

“It appears that part of the fleeceware strategy is to target younger audiences through playful themes and catchy advertisements on popular social networks with promises of ‘free installation’ or ‘free to download’. By the time parents notice the weekly payments, the fleeceware may have already extracted significant amounts of money,” continued Vávra.

Avast has reported these apps to Google and Apple, and they will be taken down soon. Nonetheless, watch out for similar scams on app stores.

25/03/2021 11:06 AM