- Three new fleeceware VPN apps for the iOS have been spotted, and two remain available on the App Store.
- The apps have very positive reviews on the store, which is a method to trick more people into falling in this trap.
- In most cases, people got charged every week, no matter what they opted to do with their subscription.
Avast’s security researchers have been looking into iOS VPN (virtual private network) apps lately, discovering that some engage in scamming operations. More specifically, they have found three trying to trick users into buying excessively costly subscriptions that had a recurring period of a single week. This means that users would think that they’re buying a VPN app/service for a reasonable period, but they would get charged every week until they eventually realized it. If this sounds like a part of the growing “fleeceware” problem in the iOS App Store, you’re absolutely right.
The three fleeceware VPN apps are “Buckler VPN,” “Hat VPN,” and “Beetle VPN.” Although Avast has reported them all to Apple, the Beetle and the Buckler remain available at the time of writing this. Interestingly, Buckler VPN has an average user rating of 4.6 from 935 reviews, and Beetle VPN has a score of 4.8 from 1.5k ratings. These are really amazing scores that should indicate that the apps are awesome to use from every point, but of course, these scores are achieved by paying for fake reviews. If someone were to dig through, they’d find quite a lot one-star reviews warning others that these apps are scams that won’t even let them cancel their subscriptions. Unfortunately, these honest and true reviews are drowned in the crowd.
All three of these VPN apps offer a “free of charge” three-day trial and then begin charging the users $9.99 per week. That’s almost forty USD per month or a whopping $479.5 per year – for a mobile VPN app! Many users are reporting that even though they selected not to subscribe to the app, and actually uninstalled from their devices after the trial ended, they still got charged. The only way they managed to stop it was by contacting their banks, and in some cases, they were issued a new card while the other one was canceled.
So, if you want a takeaway from this story, it would be to avoid the aforementioned apps, don’t install anything without properly checking the most recent 10-20 reviews, and always report suspicious findings to Apple. These apps should see the exit of the App Store soon, but they will return under a different name and branding. It means that users should remain vigilant at all times until Apple finds a way (or the will) to tackle fleeceware once and for all.