Apps downloaded 3.5 million times make unauthorized charges

Aplikasi yang diunduh 787.000 kali membuat biaya yang tidak semestinya dari pengguna

Malicious apps like fleeceware were caught by security company Sophos on the App Store, according to a report released on Wednesday (8).

Fleeceware it consists of apps that offer relatively simple services (such as photo editing or astral map making) by signing up for a free trial period.

The scam happens when the user forgets to cancel the test before the end of the gratuity and, then, he is charged subscriptions with values ​​above the normal.

  • Paying by card or cell phone is the target of a blow at Carnival
  • #Stay at Home: see how to protect yourself during quarantine

According to Sophos research, 30 fleecewares at the Apple app store that, added together, have been downloaded more than 3.5 million times.

Until then, threats of the type fleeceware they had only been detected in the Play Store, the Google store for Android devices.

1 of 2 App Store contains fleecewares downloaded many times – Photo: Marvin Costa / dnetc

App Store contains frequently downloaded fleecewares – Photo: Marvin Costa / dnetc

Want to buy cell phones, TV and other discounted products? Discover Compare dnetc

The term fleeceware was coined by Sophos itself in September, when the cybersecurity company began to observe the behavior of this threat.

While initial analyzes found its presence only on the Play Store, a new report indicates that the threat has also infiltrated the App Store, iPhone (iOS) and iPad store.

Among the 30 fleecewares discovered by Sophos, many offer common functions such as reading a QR code, editing photos with filters and effects, and astrological hand-reading or astrological chart services.

However, despite the fact that most are labeled «free» on the App Store, many presented, at the first access, a form for the user to enter credit card details in order to use the app for a free trial period that usually lasts.

three to seven days.

Since subscriptions charged for fleecewares they are expensive, a forgotten person, for example, is at risk of being a victim by not canceling the registration before the end of the gratuity.

Figures from Sophos show that some of the apps reviewed offered plans of $ 30 (about R $ 156) per month or $ 9 (R $ 46.80, in direct conversion) per week.

Fleeceware apps on the App Store

  • Seer App: Face, Horoscope, Palm
  • Selfie Art – Photo Editor
  • Palmistry Decoder
  • Lucky Life – Future Seer
  • Life Palmistry – AI Palm & Tag
  • Picsjoy-Cartoon Effect Editor
  • Aging seer – Faceapp, Horoscope
  • Face Aging Scan-AI Age Camera
  • Face Reader – Horoscope Secret
  • Horoscope Secret
  • CIAO – Live Video Chat
  • Astro Time & Daily Horoscope
  • Video Recorder / Reaction
  • Crazy Helium Funny Face Editor
  • Banuba: Face Filters & Effects
  • QR Code Reader – Scanner
  • QR Code Reader & Barcode PRO
  • Max Volume Booster
  • Face Reading – Horoscope 2020
  • Forecast Master 2019
  • mSpy Lite Phone Family Tracker
  • Fortunescope: Palm Reader 2019
  • Zodiac Master Plus – Palm Scan
  • WonderKey-Cartoon Avatar Maker
  • Avatar Creator – Cartoon Emoji
  • iMoji – Cartoon Avatar Emojis
  • Life Insight-Palm & Animal Face
  • Curiosity Lab-Fun Encyclopedia
  • Quick Art: 1-Tap Photo Editor
  • Astroline astrology, horoscope
  • Celeb Twin – Who you look like
  • My Replica – Celebrity Like Me
2 of 2 Play Store also has the presence of fleeceware – Photo: Rodrigo Fernandes / dnetc

Play Store also features fleeceware – Photo: Rodrigo Fernandes / dnetc

The first step in suspecting fleeceware is to question whether the service offered is really worth paying for.

Malicious applications do not usually have unusual functions.

As the list above indicates, they generally offer photo filters, hand reading and creating avatars – and these features are now available for free at app stores by trusted manufacturers.

In addition, it is recommended to avoid signing up for a free trial, no matter how tempting they are.

The safest thing is to rely only on the temporary gratuity offered by brands already well known in the market.

Another important point to pay attention to is the star rating of the app in the store.

Many of fleecewares observed by Sophos presented dissatisfied reviews that denounced the dangerous behavior of apps.

WhatsApp message for Emirates free tickets scam? Check out the dnetc Forum.

What is ransomware: five tips to protect yourself

What is ransomware: five tips to protect yourself