Australian smartphone users have been the biggest victims of any country for a new breed of malicious software costing the nation millions of dollars through hidden fees within apps. According to global online security company Avast, Australia’s 10 million downloads of fleece apps were the highest of any country in the Apple App Store and Google PlayStore – costing the government $9.9m.
Fleeceware is designed to severely overcharge users for mobile apps providing simple functions that are free or cheap in other apps. Fleeceware app developers take advantage of users by offering free trial periods. Suppose a user who downloads and installs a fleece app has not uninstalled it and unsubscribed in their subscription settings before the trial ends. In that case, the app developer begins to charge the user exorbitant fees.
The Apple App Store has 25 fleece apps with hidden or disguised fees of $500 or more a year. The top offender is “Flame”, a dating app that, while disclosing its annual payment of $119.99, can max out at almost $780 yearly. A range of apps – from ‘” Nebula: Horoscope and Astrology” to “Factory: Face Yoga and Exercise” – have annual subscriptions of $29.99 but can max out to almost $520 a year.
Of the applications, Avast discovered ranged from $4 to $12 a week or between $208 and $624 per year. LisIn some cases, users can be charged as much as $66 per week, totaling $3432 a year. t of fleece are apps in the Apple App Store can be found here, while a list in the Google play store can be found here.
Avast security experts have reported 200 fleece applications to Apple and Google for review. An estimated one billion downloads of fiber apps globally have accrued more than $400m in revenue for developers. Fleeceware applications are advertised on major social networks such as Facebook, Instagram, Snapchat, and TikTok.
Avast threat analyst Jakub Vávr said most users would not download fleece, which posed as cheap, everyday apps, if they knew the whopping fees involved. “The fleece applications we’ve discovered consist predominantly of musical instrument apps, palm readers, image editors, camera filters, fortune tellers, QR code and PDF readers, and slime simulators,” Mr. Vávr said.
“While the applications generally fulfill their intended purpose, it is unlikely that a user would knowingly want to pay such a significant recurring fee for these applications, especially when there are cheaper or even free alternatives on the market.” Mr. Vávr also said younger users whose parents paid for their smartphones were easy targets.
“It appears that part of the fleece’s strategy is to target younger audiences through playful themes and catchy advertisements on popular social networks with promises of ‘free installation’ or’ free to download’,” he said. Avast security experts recommended users avoid fleece apps by being careful with free trials of less than a week, reading the fine print carefully within each app, and securing their payments. “By the time parents notice the weekly payments, the fleece may have already extracted significant amounts of money.”