More than 600 million users installed Android ‘fleeceware’ apps from the Play Store – ZDNet

More than 600 million users installed Android ‘fleeceware’ apps from the Play Store – ZDNet

https://ift.tt/2u5XG32

fleeceware.png

Security researchers from Sophos say they’ve discovered a new set of “fleeceware” apps that appear to have been downloaded and installed by more than 600 million Android users.

The term fleeceware is a recent addition to the cyber-security jargon. It was coined by UK cyber-security firm Sophos last September following an investigation that discovered a new type of financial fraud on the official Google Play Store.

It refers to apps that abuse the ability for Android apps to run trial periods before a payment is charged to the user’s account.

By default, all users who sign up for an Android app trial period, have to cancel the trial period manually to avoid being charged. However, most users just uninstall an app when they don’t like it.

The vast majority of app developers interpret this action — a user uninstalling their app — as a trial period cancelation and don’t follow through with a charge.

But last year, Sophos discovered that some Android app developers didn’t cancel an app’s trial period once the app is uninstalled and they don’t receive a specific request from the user.

Sophos said it initially discovered 24 Android apps that were charging obscene fees (between $100 and $240 per year) for the most basic and simplistic apps, such as QR/barcode readers and calculators.

Sophos researchers called these apps “fleeceware.”

In a new report published yesterday, Sophos said it discovered another set of Android “fleeceware” apps that have continued to abuse the app trial mechanism to impose charges to users after they uninstalled an app.

These apps were installed by more than 600 million users. The number seems high, but Sophos mobile malware analyst Jagadeesh Chandraiah said he suspects the apps might have used third-party pay-per-install services to boost install counts and then bought fake five-star reviews to boost their ranking on the Play Store and attract a large number of users.

It’s very likely that not all users who installed these apps signed up for a trial period, but those who did might want to check their Play Store payment history for any charges coming from past, now-uninstalled apps.

The table below contains the names and other indicators for the 25 Android apps which Sophos says are engaging in fleeceware behavior. One of the apps — the GO Keyboard Lite keyboard app — has a history of shady behavior. Back in 2017, this app was caught sending back the text users were typing on their devices to servers in China.

sophos-fleeceware-round-2.pngsophos-fleeceware-round-2.png

Image: Sophos

NEWS

via Top stories – Google News https://ift.tt/2Jjuiww

January 15, 2020 at 04:04PM

What do you think about this?

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s