23 ‘fleeceware’ apps found in Google Play Store: Sophos

Google Play Store usually gets apps with malware lurking around. Google continues to update the Play Store's security to make sure such apps either don't get approved or are removed. In the latest discovery, Sophos researchers have revealed that there were around 23 “fleeceware” apps in the Google Play Store.

Fleeceware apps as the name suggests trick users into paying huge amounts of subscription fees for services. App developers tricked users by making the terms and conditions of their app subscription sign-up pages difficult to read. Based on the discovery, Google had actually updated its developers policies in June. The update required app developers to inform consumers about the intricacies of the subscription-based apps in the Play Store.

Even with the policies, some apps have still managed to form a workaround. These apps have been designed in such a way that they appear compliant with Google's Play Store policies. But they're actually bypassing these restrictions. Sophos has detailed some of the new tricks implemented by such bad actors.

Sophos found that most of these apps prompt users to start the subscription immediately. This is done through offers to “Try FOR Free” or “Start Free”. Users who agree to this free trial end up actually paying for the subscription later unaware. This isn't allowed but some apps still try to do it.

Another way is through spam subscription. So when a user is subscribing to one app, they end up subscribing to more apps and pay for those apps as well. There are no details of the subscription revealed to the user. One sneaky way is to disclose the terms and conditions but using very small fonts that make it unreadable and something the user will most likely skip.

Sophos has revealed the full list of fleeceware apps it found in the Play Store. These apps charge up to $249 ( ₹18,500 approx) per year. You can check the full list of apps here.