Minecraft fans downloaded fleeceware from Google Play

Avast has discovered a fleeceware in the Google Play store, that fans of the popular video game Minecraft downloaded 5,000,000 times. They offer new skins, colourful wallpapers or mods for the game, but the subscription price is hundreds of dollars a month.

Researchers notified Google about seven fleeceware applications, but at the time of publication of the report, all of them were still active (you can see the list below).

Let me remind you that fleeceware applications exploit legal loopholes associated with the trial period mechanism. So, if after the end of the free period the user simply deletes such an application without cancelling the subscription, the money for using it will continue to be debited from the account.

For example, Android apps discovered last year were installed more than 600,000,000 times, ignored deletion and the end of the trial period, and continued to charge users a lot of money (from $100 to $240 per year) for basic tools such as QR code scanners and calculators. Gaming is a popular arena for fleeceware as add-on skins, wallpapers, virtual items, and mods may be highly sought by dedicated users. Some games — such as Fortnite — offer digital bolt-ons through in-game currency and features, and third-party developers may also try to capitalize on a game’s popularity to make an extra dollar or two.

Minecraft has been a hotbed of mods for years. Users of the popular game, developed by Mojang and snapped up by Microsoft in 2014 for $2.5 billion, are now being targeted through a wave of fleeceware apps that have made their way onto the Google Play Store.write ZDNet journalists.

Researchers have now discovered new “gaming” apps that follow the same pattern, but offer a three-day free trial. The app then automatically charges an additional fee of up to $ 30 per week without alerting the user.

Scammers hope that the user will forget about the installed application and its short trial version, or will not notice the real cost of the subscription. There are no average ratings in the reviews for such an app – mostly it is worth either 1 star or 5 – and its overall rating is very low.

The fraudulent scheme is designed for those who download the application regardless of the description written in small print. That is why children risk becoming victims of cybercriminals, because when downloading additional content for Minecraft, they may not read or understand the terms they accept when installing the application. We urge our customers to remain vigilant when downloading any applications from unknown developers and always carefully read user reviews and payment agreements before subscribing.said Ondřej David, Head of Malware Analysis at Avast.

The report notes that simply removing the fleeceware application is not enough. You also need to unsubscribe directly from the app store (Google Play → menu in the upper left corner → Subscriptions).

Specialists have detected the following malicious fleeceware applications in GooglePlay: