The creators of malware exploited Apple's ability to test applications for free. In case a user installed one of the infected ones applications, but he did not cancel the subscription, his malicious agents charged a large sum.
Applications that contained Fleeceware
As discovered by Sophos, 30 apps on Apple's official App Store, contained Fleeceware and charged a subscription between $ 30 per month and $ 9 per week after a 3 or 7 day trial period.
In case one of these applications remained installed on device for more than a year, the users could be charged from $ 360 to $ 468. These applications do not include separate features, only those that are usually offered in free or other paid applications.
Many of these apps were advertised for free on App Store, and when users installed them, a "free trial" notification would appear. These notifications also required users to provide payment card details and in most cases, applications could only be used after registration.
"Some users can sign up for an application without reading the notification, which includes the actual cost of subscriptions," says Sophos.
Apple's app store doesn't know how many users have installed the app, but many of them are on the list of top apps.
Earlier, Sophos had discovered applications with Fleeceware in Google Play Store, which caused several financial problems scams at the expense of users. It was estimated that these applications had been downloaded more than 600 million times.
These applications also received five-star ratings. It seems that their creators were somehow able to manipulate the reviews.
Here you can find the full list of malicious applications with Fleeceware.