Security researchers from Sophos say they’ve discovered a new set of “fleeceware” apps that appear to have been downloaded and installed by more than 600 million Android users.
The term fleeceware is a recent addition to the cyber-security jargon. It was coined by UK cyber-security firm Sophos last September following an investigation that discovered a new type of financial fraud on the official Google Play Store.
It refers to apps that abuse the free-trial mechanism Android apps can offer before a payment is charged to the user’s account.
By default, any user who signs up for an Android app trial period has to cancel the trial manually to avoid being charged. However, most users simply uninstall an app when they don’t like it.
The vast majority of app developers interpret this action — a user uninstalling their app — as a trial period cancelation and don’t follow through with a charge.
But last year, Sophos discovered that some Android app developers did not cancel an app’s trial period when the app was uninstalled, unless they received a specific cancellation request from the user.
Sophos said it initially discovered 24 Android apps that were charging obscene fees (between $100 and $240 per year) for the most basic and simplistic apps, such as QR/barcode readers and calculators.
Sophos researchers called these apps “fleeceware.”
In a new report published yesterday, Sophos said it discovered another set of Android “fleeceware” apps that have continued to abuse the app trial mechanism to impose charges on users after they uninstalled an app.