The new set of 25 Android apps illegally charged users at the end of the trial period.
Sophos security researchers said they found a new “fleeceware” app that appears to have been downloaded and installed by more than 600 million Android users.
The term fleece is a recent addition to cyber security jargon. In September, the British cybersecurity company Sophos was created based on a survey that discovered a new type of financial fraud in the official Google Play store.
Indicates an app that abuses the ability of the Android app to run a trial period before payment is charged to your account.
By default, all users who sign up for an Android app trial must manually cancel the trial period to avoid billing periods. But most users uninstall the app when they don’t like it.
Most app developers consider this action (if the user uninstalls the app) to cancel the trial period and do not charge for it.
However, last year Sophos found that after some Android app developers uninstalled an app, they did not cancel the trial period of the app and did not receive a specific request from the user.
Sophos said it first discovered 24 Android apps ($ 100-240 per year) that charge lewdly for the most basic and simple apps, such as QR / barcode readers and calculators.
Sophos researchers called this app “fleeceware”.
In a new report released yesterday, Sophos said that users found another set of Android “fleeceware” apps that continue to abuse the app rating mechanism to charge you after uninstalling the app.
The app has been installed by over 600 million users. Jagadeesh Chandraiah, Sophos mobile malware analyst, appears to suspect that the app used a third-party Pay-Per-Install (PPU) service to increase the number of installs, and boosted its ranking on the Play Store by purchasing fake five-star reviews. Attract a large number of users. Not all users who have installed these apps have registered during the trial, but you may want to check your Play Store payment history for any charges incurred by past apps that are not installed now.
The table below contains the names and other indicators of the 25 Android apps that Sophos is involved in woolly behavior. One of the applications, which is one of the GO Keyboard Lite keyboard applications, has shady behavior. In 2017, the app caught sending text entered by the user back to the server in China.