The cybersecurity researchers at Avast have recently found a total of 204 Fleeceware apps with a billion downloads and nearly $400 million in revenue from the Apple App Store and Google Play Store.
Technically if we say, then Fleeceware apps are not malware, as they don’t contain any malicious code to steal data and hack the device.
Their main motive is to attract every user into a free trial so that they can “test” the app, and later, they secretly overcharge the user or the victim by their subscriptions that run as high as $3,432 per year.
In short, they trick their victims into installing a free “trial” and then charge large amounts for a “subscription.” Apparently, this method of generating income from apps continuously gaining high popularity among threat actors.
According to the report presented by Avast, in total there are 134 applications were found in the Apple App Store with 500 million downloads, which brought a hefty revenue of more than $365 million to their developers.
While in the case of Google Play Store, there are 70 Fleeceware applications were discovered with more than 500 million downloads, which brought the developers $38.5 million in revenue.
Fleeceware is one of the mobile apps, that has the most expensive subscription fees. There are several application that provides a free trial to draw the attention of the users, but in the case of Fleeceware is not same.
But, here, the main goal of Fleeceware is that it generally takes advantage of users who are not familiar with how subscriptions work especially on mobile devices.
It means that users can be imposed even after they have destroyed the offending application. However, the most important thing is that if the user deletes the application without cancelling the subscription within their device’s app market settings, they will continue charging you for the same.
So, the developers will generate income from their creations, and this is completely legal. But, it can be difficult for general users to figure out how to avoid these subscription fees.
The most interesting fact is that this application is also available for official advertisement channels so that it can spread the Fleeceware scheme.
These developers of these applications are actively promoting these apps on major social networking platforms (Facebook, Instagram, Snapchat, and TikTok).
Due to the scheme’s productive nature, most of the threat actors or malicious developers are is likely investing plentiful amounts of money to enhance the further development of these apps.
The cybersecurity researchers have stated some key points to avoid Fleeceware scams, and here we have mentioned them below:-
In the case of iOS, users need to follow the steps that are mentioned below:-
In the case of Android, users need to follow the steps that are mentioned below:-
Apart from this, both Google and Apple are not accountable for returns after a specific period of time. Moreover, both the companies may wish to refund as a goodwill gesture in several cases.
According to the reviews, it suggests that the Fleeceware devices either neglect the complaints or the claim users should have known about the subscription fees.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity, and hacking news updates.
Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from the Indonesian…
IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating system…
The Apache Software Foundation has issued a security alert regarding a critical vulnerability in Apache…
The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber espionage…
A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing millions…
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through…