Minecraft Apps on Google Play Fleece Players Out of Big Money

minecraft fleeceware apps google play android

Seven mobile apps for Android sneakily charge fans of Minecraft and Roblox hundreds of dollars per month.

Fans of the popular Minecraft video game are in the crosshairs of cybercriminals, who have loaded up Google Play with scam apps bent on fleecing players out of cash.

According to researchers, the mobile apps for Android fool users into spending hundreds of dollars per month, by offering skins, wallpapers and game mods for Minecraft and other games at super-premium prices. These “fleeceware” offerings start with a “free trial” period but then automatically and quietly start charging up to $30 per week after that. The charges show up on victims’ phone bills, where they may or may not be noticed. Users can easily find themselves paying hundreds of dollars for the app over time, researchers noted.

“Fraudsters expect the user to forget about the installed application and its short trial, or fail to notice the real subscription cost,” Avast researchers explained, in a posting on Tuesday. “Scams of this nature take advantage of those who don’t always read the fine print details of every app they download. In this case, young children are particularly at risk because they may think they are innocently downloading a Minecraft accessory, but not understand or may not pay attention to the details of the service to which they are subscribing.”

Avast found and reported seven apps to Google, but as of Wednesday, they were all still active. Five of them have more than a million downloads each, and the other two have more than 100,000 installs. Google did not immediately respond to a request for comment.

Ondrej David, malware analysis team lead at Avast, noted: “We urge our customers to remain vigilant when downloading any app from unknown developers and to always carefully research user reviews and billing agreements before subscribing.”

In the case of the seven most recent apps, the reviews tend to be either a one- or five-star, with nothing in-between, and most have a low-star rating overall, according to the firm.

The offending apps, all likely the work of the same author, are: Mods, Maps for Minecraft PE; Skins for Roblox; Live Wallpapers HD & 3D Background; MasterCraft for Minecraft; Master for Minecraft; Boys and Girls Skins; and Maps Skins and Mods for Minecraft.

Google has made a concerted effort  to try to eliminate bad apps for its Android mobile platform on the Google Play store – but fleeceware often sneaks past Google’s radar in significant numbers, according to security researchers.

A Sophos report earlier this year found that these type of apps have been installed nearly 600 million times on 100 million plus devices.

“As we saw last fall, there were a wide variety of entertainment or utility apps, including fortune tellers, instant messengers, video editors and beauty apps,” researchers wrote at the time. “And just like last time, user reviews reveal serious complaints about overcharging, and that many of these apps are substandard, and don’t work as expected.”

And Google is not alone in being plagued by this type of scam. In April, Sophos researchers found more than 30 examples of fleeceware apps for iPhone on Apple’s App Store.

These were mainly image editors, horoscope apps, QR code or barcode scanners, and face filter apps targeted at younger generations, researchers said. Each racked up between 500,000 downloads (Selfie Art – Photo Editor) to 1 million downloads (mSpy Lite Phone Family Tracker), they noted. And one of these apps, Zodiac Master Plus, was listed as the 11th-highest revenue-generating app on Apple’s App Store at the time.

2020 Healthcare Cybersecurity Priorities: Data Security, Ransomware and Patching

Hackers Put Bullseye on Healthcare: On Nov. 18 at 2 p.m. EDT find out why hospitals are getting hammered by ransomware attacks in 2020. Save your spot for this FREE webinar on healthcare cybersecurity priorities and hear from leading security voices on how data security, ransomware and patching need to be a priority for every sector, and why. Join us Wed., Nov. 18, 2-3 p.m. EDT for this LIVE, limited-engagement webinar.



Suggested articles

biggest headlines 2020

The 5 Most-Wanted Threatpost Stories of 2020

A look back at what was hot with readers — offering a snapshot of the security stories that were most top-of-mind for security professionals and consumers throughout the year.