Sophos Fleeceware Report

Sophos finds fleeceware apps ‘still exist’ in Google’s Play Store

Cybersecurity firm Sophos revealed that after doing research, it found that Google Play still carries quite a number of fleeceware apps that violate newly released advertising policies. Fleeceware apps don’t send anything malicious but deceive users in hidden charges while advertising otherwise.

Sophos’ report titled “Truth-in-Advertising Policy Fails to Curb Fleeceware” details how app publishers are deceiving app users and violating Google’s Play Store’s new terms of service.

In Google’s updated developer policies released in June, it highlighted transparency on the “true terms and cost of subscription-based apps licensed through the Android Play Store.”

Sophos updates endpoint detection, response solution to quickly identify, respond to threats

Sophos discovers Emotet malware back in action after brief hiatus

The team as Sophos also found fleeceware creators use misleading language to appear compliant, but are still attempting to dupe unwary users into subscribing for extortionate amounts of money, with some simple wallpaper charging close to $92 a week. There are some that lure customers to downloading their apps and not providing them an option to opt-out when the billing screen pops up. Other charges are so inconspicuous that they are written at the smallest font size.


The most unnerving of the findings is luring users in exploring the app further until they get to the subscription page without the exit page. Some apps charge for “free trials” which is outright ludicrous and revolting at the same time. How can people charge for something it says is “free”?

In the latest terms and conditions, Google laid out restrictions in the Play Store but Sophos found that it does not restrict how much an app subscription can or should cost. In the United States, it has a subscription rate ceiling of $400 and in many countries, the maximum is set in the local currency at a roughly equivalent value. However, Sophos said that “the loophole doesn’t specify the duration of the subscription that can charge that maximum amount. Is it $400 a year, $400 a month, or $400 a week? Any developer can take advantage of this loophole to charge you hundreds of dollars per week.”

Sophos shares the following steps on how to spot and avoid money-snatching fleeceware apps:

  • Check apps for greyed-out/tiny fine print that could include important information on subscription prices
  • Be wary of ‘free trials’, these tend to only last a few days before whacking customers with a hefty automatic subscription
  • Avoid generic, unrecommended apps such as photo editors or wallpaper designers, as these seem to be the most common fronts for fleeceware
  • Report apps you spot which seem to charge extortionate prices for simple services

Categories: Uncategorized

Tagged as: , , , , ,