204 Fleeceware apps for Android and iOS make $400 million in revenue

[German]So-called fleeceware apps are probably good business for criminal developers. AVAST has come across 204 of these apps for Android and iOS and puts the damage at over $400 million.


Ccriminal developers manage to sneak apps for Android and iOS with fraudulent or malicious features past Apple and Google reviewers. Then these apps show up in the respective stores and can be downloaded by unsuspecting users.

What is fleeceware?

I first reported on the topic of fleeceware here on the blog in mid-February 2020 in the post Security information February 20, 2020. However, that referred to Android apps in the Google Play Store. Fleeceware is a new term introduced in September 2019 for a scam involving apps from the Google Play Store. It involves Android apps that offer free trial use. After the trial period expires, subscription fees then apply when the app is used – which is legal.

However, fleeceware apps charge users' accounts even though they have not extended the trial period. The trick: users have to cancel this subscription manually before the trial period expires. But since many people simply uninstall the app after the trial, the trial usage continues and turns into a paid subscription, even though the app is no longer used. Normally, app developers have to make sure that when an app is uninstalled, the subscription is also terminated.

New case of Fleeceware (Android/iOS).

Security researchers at AVAST recently discovered a total of 204 fleeceware apps with over one billion downloads and over $400 million in revenue in the Apple App Store and Google Play Store, as they write here. Again, as outlined above, the purpose of these apps is to lure users into a free trial to "test" the app. The fleeceware apps then trick users into unknowingly and unintentionally entering into a subscription, sometimes up to $3,432 per year, because they don't (can't) cancel the trial period and the subscription then automatically becomes active.

These apps usually do not even have unique functionality, but are just a means to an end to perform fleeceware scams. Mostly, they are musical instrument apps, palm readers, image editing apps, camera filter apps, fortune teller apps, QR code and PDF reader apps, and "slime simulators". Although the apps generally serve their purpose, it is unlikely that a user would knowingly want to pay such a significant recurring fee for these apps, especially when there are cheaper or even free alternatives on the market.


It seems that part of the fleeceware strategy is to target younger audiences through playful themes and catchy advertisements on popular social networks with the promise of a "free installation" or a "free download". The whole thing is supported by fake reviews in the stores. By the time parents notice the weekly payments, the fleeceware may have already extracted significant amounts of money.

Avast has reported the Fleeceware apps to both Apple and Google for review. More detailed information can be found in Avast's blog post. The security researchers have also linked to the GitHub list of affected apps for Android and iOS at the end of the article.

Similar articles:
Security information February 20, 2020
Over 3.6 million users install Fleeceware in iOS

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *