Apps downloaded 3.5 million times make unauthorized charges


Security company Sophos has spotted malicious fleeceware applications on the App Store, according to a report released on Wednesday (8). Fleeceware consists of apps that offer relatively simple services (such as photo editing or astrological chart making) and ask the user to sign up for a free trial period. The scam happens when the user forgets to cancel the trial before the free period ends and is then charged subscription fees above the normal price.

According to Sophos research, 30 fleeceware apps were discovered in the Apple app store, which together have been downloaded more than 3.5 million times. Until then, fleeceware threats had only been detected in the Play Store, Google's store for Android devices.

The term fleeceware was coined by Sophos itself in September, when the cybersecurity company began to observe the behavior of this threat. While initial analyses found it only on the Play Store, a new report indicates that the threat has also infiltrated the App Store, the store for iPhone (iOS) and iPad.

Among the 30 fleeceware apps discovered by Sophos, many offer common functions such as reading a QR code, editing photos with filters and effects, and palm reading or astrological chart services. However, although most are labeled "free" on the App Store, many presented, at the first login, a form asking the user to enter credit card data in order to use the app for a free trial period that usually lasts three to seven days.

Because the subscriptions charged by fleeceware apps are expensive, a forgetful person, for example, risks becoming a victim by not canceling the subscription before the free period ends. Figures from Sophos show that some of the apps reviewed offered plans of $30 (about R$156) per month or $9 (R$46.80, in direct conversion) per week.

Fleeceware apps on the App Store

Seer App: Face, Horoscope, Palm
Selfie Art – Photo Editor
Palmistry Decoder
Lucky Life – Future Seer
Life Palmistry – AI Palm & Tag
Picsjoy-Cartoon Effect Editor
Aging seer – Faceapp, Horoscope
Face Aging Scan-AI Age Camera
Face Reader – Horoscope Secret
Horoscope Secret
CIAO – Live Video Chat
Astro Time & Daily Horoscope
Video Recorder / Reaction
Crazy Helium Funny Face Editor
Banuba: Face Filters & Effects
QR Code Reader – Scanner
QR Code Reader & Barcode PRO
Max Volume Booster
Face Reading – Horoscope 2020
Forecast Master 2019
mSpy Lite Phone Family Tracker
Fortunescope: Palm Reader 2019
Zodiac Master Plus – Palm Scan
WonderKey-Cartoon Avatar Maker
Avatar Creator – Cartoon Emoji
iMoji – Cartoon Avatar Emojis
Life Insight-Palm & Animal Face
Curiosity Lab-Fun Encyclopedia
Quick Art: 1-Tap Photo Editor
Astroline astrology, horoscope
Celeb Twin – Who you look like
My Replica – Celebrity Like Me

How to protect yourself?

The first step in spotting fleeceware is to question whether the service offered is really worth paying for. Malicious applications do not usually have unusual functions. As the list above indicates, they generally offer photo filters, palm reading and avatar creation, and these features are now available for free in app stores from trusted developers.

In addition, it is recommended to avoid signing up for free trials, no matter how tempting they are. The safest approach is to rely only on free trials offered by brands already well known in the market. Another important point to pay attention to is the app's star rating in the store. Many of the fleeceware apps observed by Sophos had reviews from dissatisfied users who denounced the apps' dangerous behavior.

