Avast discovers 200+ Fleeceware apps on Apple App and Google Play Stores

Avast, a global leader in digital security and privacy, has discovered more than 200 new fleeceware applications on the Apple App Store and the Google PlayStore. In India, the fleeceware apps were downloaded nearly 12 million times from App Store and 84.5 million times from Google PlayStore, extracting almost $3.2 million (INR 234,019,200) from iOS and $2.1 million (15,25,87,575 INR) from Android users. The apps have been downloaded approximately one billion times and accrued over $400 million in revenue so far. Avast has reported the fleeceware applications to both Apple and Google for review.

The applications attract users with a promise of a free 3-day trial, with an unusually high subscription fee attached. Once the trial is over, users are charged a recurring subscription fee – even if they deleted the app by that time – until they cancel the subscription in their device’s app subscriptions settings. One of the apps, for example, offers a short free trial followed by a $66 (4,795.61 INR) per week subscription, potentially costing the victim $3,432 (2,49,403.78 INR) per year unless cancelled.

Avast’s Threat Analyst Jakub Vávra, “The fleeceware applications we’ve discovered consist predominantly of musical instrument apps, palm readers, image editors, camera filters, fortune tellers, QR code and PDF readers, and ‘slime simulators’. While the applications generally fulfil their intended purpose, it is unlikely that a user would knowingly want to pay such a significant recurring fee for these applications, especially when there are cheaper or even free alternatives on the market,”

Avast researchers discovered the Android fleeceware applications via its mobile threat intelligence platform apklab.io, and then expanded their research to the Apple App Store.