
iOS Fleeceware Apps: the New Category of Bad Behavior

Have you heard of fleeceware applications?

This is a new term that describes apps designed to carry out a new form of online scam. The term was coined by Sophos researchers, referring to apps that leverage legal loopholes in the app trial mechanism in Android. Apparently, fleeceware apps are now targeting iOS devices as well.

What Is Fleeceware?

The term “fleeceware” refers to an entirely new category of applications that are neither unwanted nor malicious. However, these apps are designed to overcharge users in a very clever way, and thus, they shouldn’t be kept on devices.

Both Google Play Store and Apple App Store allow app developers to set up trial periods for commercial, paid and subscription apps. To try an app during its trial period, users sign up and give it permission to charge their app store account. Once the trial period is over, the user is charged automatically and can keep using the app.

This is where fleeceware comes into play. These apps exploit the loophole that app makers can still charge users even after the specific app is uninstalled from the device. Why is this possible?

App store policies allow app developers to set up their own trial cancelation steps. In some cases, dubious app makers create complicated cancelation procedures to confuse users and continue charging them. Overcharging can go from a couple of dollars to hundreds of dollars.


Last year, Sophos researchers discovered more than 50 Android apps that were described as fleeceware. They were abusing trial periods to charge large amounts of money for basic features that can be found free-of-charge – such as flashlight apps, horoscope apps, barcode scanners. These apps were charging fees from $100 to $240 per year.

The bad news is that fleeceware is now after iOS users and the Apple App Store. According to Sophos mobile malware analyst Jagadeesh Chandraiah, these apps include image editors, horoscope and fortune telling readers, QR code and barcode scanners, and face filter apps. 32 such iOS apps have been identified charging users $30 a month or $9 a week.
For their successful installation, the apps relied on heavy advertising. It is noteworthy that some of these fleeceware apps are in fact some of the highest-grossing ones on Apple App Store.




This is how to cancel the subscription of such an app on your iOS device:

1. Open the Settings app.
2. Tap your name, then tap Subscriptions.
3. Tap the subscription that you want to manage.
4. Choose a different subscription option, or tap Cancel Subscription. If you don’t see Cancel Subscription, the subscription is already canceled and won’t renew.

These are the steps for Android:

1. Check if you’re signed in to the correct Google Account.
2. Tap the hamburger menu icon, then Subscriptions.
3. Select the subscription you want to cancel.
4. Tap Cancel subscription.
5. Follow the instructions.

Milena Dimitrova
