Sophos researchers have unearthed 23 very dangerous apps that steal users' money. Here's what they are

Delete these 23 dangerous fleeceware apps from your smartphone now

They are back, though no one missed them. What are we talking about? Fleeceware apps, a particular type of application capable of taking more than 200 euros from users with a single click. Sophos researchers have discovered 23 apps that deceive users and activate very expensive monthly subscriptions without their knowledge.


This is certainly not new: we have talked about their danger on other occasions, but it seemed that Google had managed to limit their power by changing the terms of use within the Play Store. But as the saying goes: “made the law, found the deception”. According to reports from Sophos researchers, the developers have discovered a flaw in the rules of the new Google store policy and have managed to publish 23 apparently free applications which, after a certain amount of time, activate subscriptions that reach a price of up to $249, withdrawn directly from the user’s account. And everything is legitimate: it is the user himself who authorizes the payment when he installs the app, even if he is not aware of it.

What are “fleeceware” apps

They do not install any kind of virus, malware or spyware that can spy on the user: in the eyes of any antivirus, fleeceware apps are absolutely legitimate. That does not make them harmless, though. The term fleeceware itself, created specifically by Sophos researchers to categorize this type of app, makes that clear.

In English the verb “to fleece” means “to undress”, “to shear” or even “to peel”. And that’s exactly what fleeceware apps do: they “skin” users, taking their money by activating monthly subscriptions at a very high cost. And they do it without the knowledge of the person, whose current account is charged directly.

How can such a thing happen? Because the developers are very good at hiding the fact that after a trial period the subscription starts automatically. The user installs the app and thinks it’s free forever, but it’s not. During the installation phase, the app warns the user of the automatic activation of the subscription once the trial period is over, but unfortunately very few people read the Terms of Use.

Fleeceware apps have evolved

To put an end to this scam, Google has changed the Terms of Use in recent months to make it clearer to the user when an app switches to a paid subscription after the trial period. As often happens in these cases, however, developers have already found a way to revive fleeceware apps, using two new tactics called Blind Sub and Spam Sub.

In the first case, when a person opens one of these apps, he finds a button on the home screen that says “Try for free”. After pressing the button, the billing terms appear, but they do not make it clear that a paid subscription starts after the free trial period.

The second method, however, is even more subtle. It is enough to download an app and subscribe to a service that seems to be free to find a mass subscription activated to a series of connected services that the user does not even know exist. This way the scammers are able to maximize the profit, even if only for a month.

What are the 23 apps to delete immediately from the Android smartphone

Sophos has also published a list of 23 fleeceware apps that are available on the Google Play store and have not been removed. In addition to the name of the applications, they have also published the price of the monthly or weekly subscription and the revenue made from the apps with this ploy. Here’s the full list:

com.photoconverter.fileconverter.jpegconverter – $ 249.99 / € 224.99 / year – $ 8k
com.recoverydeleted.recoveryphoto.photobackup – $ 249.99 / € 224.99 / year – $ 60k
com.screenrecorder.gamerecorder.screenrecording – $ 249.99 / € 224.99 / year – $ 10k
com.photogridmixer.instagrid – $ 229.99 / € 219.99 / year – $ 5k
com.compressvideo.videoextractor – $ 229.99 / € 219.99 / year – $ 10k
com.smartsearch.imagessearch – $ 229.99 / € 219.99 / year – $ 30k
com.emmcs.wallpapper – $ 89.99 / week – $ 20k – $ 89.99 / week – $ 30k
com.gametris.wallpaper.application – $ 89.99 / week – $ 30k
com.tell.shortvideo – $ 89.99 / week – $ 10k
com.csxykk.fontmoji – $ 89.99 / week – $ 40k – $ 89.99 / week – $ 30k
com.el2020xstar.xstar – $ 89.99 / week – $ 10k – $ 69.99 / week – $ 5k – $ 69.99 / week – $ 90k
com.fortunemirror – $ 69.99 / week – $ 20k
com.itools.prankcallfreelite – $ 44.99 / year – $ 5k
com.isocial.fakechat – $ 45.99 / year – $ 5k – $ 94.99 / year – $ 5k – $ 12.99 / € 10.99 / week – $ 5k
com.nineteen.pokeradar – Pay per install
com.pokemongo.ivgocalculator – Buggy app
com.hy.gscanner – $ 79.99 / year – $ 5k
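
To check a device against this list, the package names can be compared with the output of `adb shell pm list packages`, and each listed price converted to a yearly figure to show what the weekly plans add up to. This is an added example, not code from Sophos or from the original article; it embeds only five of the entries above, and the installed-package sample is constructed.

```python
import re

# Five entries copied verbatim from the list above (package – price / period – last column).
LISTED = """\
com.photoconverter.fileconverter.jpegconverter – $ 249.99 / € 224.99 / year – $ 8k
com.tell.shortvideo – $ 89.99 / week – $ 10k
com.fortunemirror – $ 69.99 / week – $ 20k
com.itools.prankcallfreelite – $ 44.99 / year – $ 5k
com.nineteen.pokeradar – Pay per install
"""

# Constructed sample of `adb shell pm list packages` output, not from a real device.
SAMPLE_PM_OUTPUT = """\
package:com.android.chrome
package:com.tell.shortvideo
package:com.nineteen.pokeradar
package:org.example.notes
"""

PERIODS_PER_YEAR = {"week": 52, "month": 12, "year": 1}
LINE_RE = re.compile(r"^([a-z0-9_.]+)\s+[–-]\s+(.+)$", re.I)
# First dollar amount on the line, then the billing period after the last slash before it.
PRICE_RE = re.compile(r"\$\s*(\d+(?:\.\d+)?).*?/\s*(week|month|year)\b")

def parse_listed(text):
    """Map package -> yearly USD cost if never cancelled, or None when no price is listed."""
    apps = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        price = PRICE_RE.search(m.group(2))
        apps[m.group(1)] = (
            round(float(price.group(1)) * PERIODS_PER_YEAR[price.group(2)], 2)
            if price else None)
    return apps

def installed_packages(pm_output):
    """Extract names from `pm list packages` lines, which look like 'package:<name>'."""
    return {line.split(":", 1)[1].strip()
            for line in pm_output.splitlines() if line.startswith("package:")}

def audit(pm_output, listed_text=LISTED):
    """Return sorted (package, yearly_usd_or_None) pairs for installed apps on the list."""
    listed = parse_listed(listed_text)
    return [(pkg, listed[pkg]) for pkg in sorted(installed_packages(pm_output) & set(listed))]

if __name__ == "__main__":
    for pkg, yearly in audit(SAMPLE_PM_OUTPUT):
        print(pkg, f"${yearly:,.2f} per year" if yearly else "no price listed")
```

A match only means the package name is on the published list; an active subscription still has to be cancelled in the store account, since uninstalling the app does not stop the billing.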

How to protect yourself from fleeceware apps

There is no tool or application that can protect you from this type of scam. The only thing to do is to report the presence of this type of app to the Google Play Store and the App Store when you encounter one, so that it is immediately deleted.

Adobe Flash trap for Android scam is redirecting the user to a web page with the address flash-update dot info. Obviously this is a fake page

Dangerous Malware in the name of Android Adobe Flash

The problem does not affect only the Mountain View company's mobile operating system, but it is surprising that it turns up much more frequently there than on desktop operating systems. Users are unaware that Adobe Flash is no longer available for Android. This allows them to continue downloading fake versions that are actually dangerous malware and viruses.


You do not need to worry if you install apps only from the Google Play Store. Fortunately, this situation is quite controlled in the Play Store. The problem appears when surfing the Internet. The bombardment of fake ads is constant, but many users do not know how to tell this content apart from a legitimate source. This leads to the download of applications that can often pose a problem for the security of your device and the privacy of your information.

This type of content is shown mostly on pages that promise free viewing of content, especially series and movies. Finding the right link is often an odyssey for the user, and clicking on a fake ad is almost 100% guaranteed on the first try.

Many users, instead of verifying the veracity of the information, continue with the process and download everything that is suggested to them. In this case, a fake Adobe Flash update.

Fake Adobe Flash versions

The latest scam is redirecting the user to a web page with the address flash-update dot info. Obviously this is a fake page, but it has the same appearance as the official page Adobe used for its software.

Adobe Flash trap for Android continues to be effective

If its distribution continues, it is because the number of downloads of the fake APK remains high. Security experts have analyzed the malware that is being distributed, and it is far from mere adware. Among other things, it can access stored information, both in the internal memory of the phone or tablet and on external storage. It can monitor the operations the user performs on the device and collect the data entered thanks to a keylogger.

For all of this to occur, the user must grant these permissions during the installation process, which also happens frequently, since few people check which permissions are required.

Users feed these scams

As in the case of ransomware, where payment of the requested amount allows for the development of new versions and the improvement of existing ones, the number of downloads of fake versions of Adobe Flash allows cybercriminals to continue to promote this content through various web pages. As long as users download the files, the free content distribution web pages will continue to offer malware. That is too high a price for the security of the device and the data stored on it, paid for the sole purpose of viewing an episode of a series or a movie.