This is how these popular apps are now stolen from the Play Store

The problems of the Google Play Store applications seem to be endless. For every solution provided by the Internet giant's repository of tools, a Machiavellian mind devises a new method to steal personal data or money from unsuspecting users. There are applications that covertly hide and that the user accesses without realizing it; apps that ask for permissions that they shouldn't like flashlights that ask you to please take a look at your personal messages; and others even more sophisticated and, what is worse, new, like the ones we bring you today.

Theft of large amounts of money by simple apps

Security expert company SophosLab has just discovered a new batch of apps on the Play Store whose sole purpose, it seems, is to charge users huge amounts of money for utilities that can already make very cheap or outright free, such as QR code scanners or simple school calculators.

Cybercriminals take advantage of the in-app payment system (or in-app payment) that follows a certain trial period. Apps in the Play Store usually work like this: downloads are free, then you have a basic package of tools and a premium package that you can access by paying or trying for a certain time for free. At the end of the trial period, the user can uninstall the application,thus communicating that they no longer want to use it and avoiding additional charges.

This is how the new app subscription hoax works

The hoax works this way: when they open the app, the user is invited to try it out for a very short period of time, about three days. The user must enter a payment method within the app before they can even use it for the first time. The user does not realize that, in order not to be charged for the following month, they must expressly inform it, it is not enough to uninstall it. In the case of a simple GIF-making app, one user was charged €215 after the three-day trial period. An amount, as we can see, completely exorbitant, especially considering that the utility offered can be obtained by other means completely free of charge, even with Google's own applications.

These applications already have more than 20 million downloads in the Android Play Store. They do not contain viruses, that is not the problem. Their 'strategy' consists of violating and taking advantage of the subscription conditions of the applications. Because this is a new fraudulent mechanism that has just appeared, the company SophosLab has decided to call these apps 'Fleeceware' (from 'Fleece', to shear, peel) because they charge too much, and without warning, for free utilities in many other cases.

Once Google was alerted to this new method of stealing 'Fleeceware' from its store, it began removing some of the applications that carried it out. In total, 14 out of 15 were removed, subsequently discovering nine more applications with similar behavior, which are still available for download today