Security researchers from Sophos have published a report showing that Apple’s and Google’s app stores are riddled with ChatGPT programs that are nothing but “fleeceware” – software that quietly sticks users with subscription fees. The reports came after Facebook warned that hackers are masquerading as ChatGPT malware. These scam apps take advantage of people who have heard about ChatGPT but don’t have much additional context for how to access it themselves.
One of those apps seen by the security researchers advertised on social media lures users in with a “free trial subscription” that later charges huge monthly fees when it auto-renews through the App Store or Google Play. One app called Chat GBT advertised itself as “free”, but after three uses, the software locked up and offered a three-day free trial attached to a $10 per month “pro” subscription to kick in after the trial period. Another app, “GAI Assistant”, operates similarly to Chat GBT but charges $6 per week.
Most of the app offers the version of OpenAI’s ChatGPT made available for free to users, but their services were filled with ads to cull even more money from the fleeceware. Irrespective of the bad reviews, the app programmers attached enough fake five-star reviews to deceive newcomers. Have an hide VPN installed for your Android, iPhone, or PC to enjoy complete security while surfing the internet.
The scammers don’t care about being caught. It's all about making as much money as possible before the app is removed by Apple or Google. Once that happens, the scammers rename the same software and send it off for review as if it were new. Most of the apps studied by Sophos security researchers have made more than $15,000 each last month, and one of them, named Genie, raked in $700,000 in April alone.
Sophos gladly informed Apple and Google of their findings, and they both removed the apps from their store. Also, Sophos confirmed that Apple and Google have previously deleted similar apps with similar hidden intentions, and Google had recently addressed Android malware that infiltrates 60 play apps with over 100M installs. However, an app’s removal from the store does not remove it from the device nor negate the subscription’s auto-renewal. The security experts advised users who had the subscription version of the app to go into their phone settings and cancel the subscription manually.