Friday, July 3, 23:23
Home security Apps with Fleeceware infected about 3.5 million iPhone users

Apps with Fleeceware infected about 3.5 million iPhone users


More than 30 applications in App Store of Apple, found to contain Fleeceware, malware used for financial fraud.

The creators of malware exploited Apple's ability to test applications for free. In case a user installed one of the infected ones applications, but he did not cancel the subscription, his malicious agents charged a large sum.

Applications that contained Fleeceware

As discovered by Sophos, 30 apps on Apple's official App Store, contained Fleeceware and charged a subscription between $ 30 per month and $ 9 per week after a 3 or 7 day trial period.

In case one of these applications remained installed on device for more than a year, the users could be charged from $ 360 to $ 468. These applications do not include separate features, only those that are usually offered in free or other paid applications.

Many of these apps were advertised for free on App Store, and when users installed them, a "free trial" notification appeared. These notifications also required users to provide payment card details, and in most cases, the applications could only be used after registration.

"Some users can subscribe to an app without reading the notification, which includes the actual cost of subscriptions," she said. Sophos.

Apple's app store doesn't know how many users have installed the app, but many of them are on the list of top apps.

Earlier, Sophos had discovered applications with Fleeceware in Google Play Store, which caused several financial problems scams at the expense of users. It was estimated that these applications had been downloaded more than 600 million times.

Some of these applications were discovered to have transferred the texts typed by users to servers who were in China.

These applications also received five-star ratings. It seems that their creators were somehow able to manipulate the reviews.

Here you can find the full list of malicious applications with Fleeceware.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement


Avaddon ransomware: Attacks through Excel 4.0 macros

Microsoft announced yesterday that Avaddon ransomware spread this week through an old technique that came to the fore again. The...

Apple: Prohibits updating Chinese Apps without permission

Apple is banning developers from updating existing apps in China's App Store if they don't have government approval.

Australia: Thousands of MyGov accounts are sold on the Dark Web

Access to more than 3600 MyGov accounts is being sold on the dark web, potentially exposing thousands of Australians to fraud and identity theft.

Party Time: Watch TV with your friends online

Party Time: Watch TV with your friends on the internet Time for a different party than you are used to, watching your favorite ...

CISA and FBI warn businesses of Tor's risks

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning to businesses regarding ...

openSUSE: The new Leap 15.2 hard drive has been released

Recently, the next stable version of the openSUSE operating system was released. According to the development team of the operating system, ...

What are the most popular types of malware?

Researchers are looking for the most common types of malware. During the investigation of the malicious activities, the researchers in cyberspace focus ...

REvil ransomware: Target the Light SA electricity company

The operators of REvil ransomware (also known as Sodinokibi) violated the Brazilian electricity company Light SA ...

LinkedIn: Our bug is due to an iOS problem

A representative of LinkedIn told ZDNet yesterday that an error in the iOS application was responsible for a seemingly "interfering behavior" that ...

Valak Info Stealer targets businesses in Europe and America

Many businesses in North and South America, but also in Europe, have fallen victim to the infamous Valak Info Stealer.