{"id":22025,"date":"2023-05-17T03:21:00","date_gmt":"2023-05-17T11:21:00","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/05\/17\/news-15755\/"},"modified":"2023-05-17T03:21:00","modified_gmt":"2023-05-17T11:21:00","slug":"news-15755","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2023\/05\/17\/news-15755\/","title":{"rendered":"\u201cFleeceGPT\u201d mobile apps target AI-curious to rake in cash"},"content":{"rendered":"<p><strong>Credit to Author: Jagadeesh Chandraiah| Date: Wed, 17 May 2023 10:00:36 +0000<\/strong><\/p>\n<div class=\"entry-content lg:prose-lg mx-auto prose max-w-4xl\">\n<p>OpenAI\u2019s ChatGPT, the large-language-model-powered artificial intelligence application, has dominated technology media coverage and permeated popular culture. Hoping to cash in on curiosity about ChatGPT, we\u2019ve seen a spike in mobile apps claiming connection to the AI platform that fall into a category we refer to as <a href=\"https:\/\/vb2020.vblocalhost.com\/uploads\/VB2020-Chandraiah.pdf\">\u201cfleeceware,\u201d<\/a> \u00a0apps that have behaviors similar to these:<\/p>\n<ul>\n<li>Their functionality is available for free through either the mobile OS itself or other sources online.<\/li>\n<li>They push the user toward enrolling in a short free trial that converts to a high recurring subscription charge to rake in money from unsuspecting users.<\/li>\n<li>They use intrusive advertising and other features to make the free version barely useable and to push the user toward the subscription.<\/li>\n<\/ul>\n<p>Both <a href=\"https:\/\/developer.apple.com\/app-store\/review\/guidelines\/#business\">Apple<\/a> and <a href=\"https:\/\/support.google.com\/googleplay\/android-developer\/answer\/9900533?hl=en&amp;ref_topic=9857752#zippy=%2Cexamples-of-violations\">Google<\/a> have store guidelines intended to prevent app fraud, and these guidelines have evolved in response to earlier generations of fleeceware. 
When we <a href=\"https:\/\/news.sophos.com\/en-us\/2019\/09\/25\/fleeceware-apps-overcharge-users-for-basic-app-functionality\/\">first<\/a> wrote about fleeceware back in 2020, some of these apps were charging more than $200 per month. New app store policies were intended to curb <a href=\"https:\/\/news.sophos.com\/en-us\/2020\/08\/19\/truth-in-advertising-policy-fails-to-curb-fleeceware\/\">this<\/a>; for example, developers have to be upfront about their subscription fees, and have to allow users to cancel free trials before incurring any charges.<\/p>\n<p>Since then, we have seen fleeceware evolve to circumvent those policies. In addition to repeatedly prompting users to subscribe, with prices ranging from $9.99 to $69.99 on the apps, they also use tactics such as tightly limiting app usage and functionality without a subscription.<\/p>\n<p>Because fleeceware applications are designed to stay on the edge of Apple and Google terms of service and do not access private information or attempt to circumvent platform security, they are rarely rejected during review and are allowed into the app stores. And these apps not only generate cash for the underhanded developers, but also enrich the platform owners through <a href=\"https:\/\/developer.apple.com\/app-store\/subscriptions\/\">their cuts of app store<\/a> sales\u2014in the case of Apple, that\u2019s 30% in the first year and 15% from the second year. 
As a result, there\u2019s little financial incentive for Apple or Google to remove them despite their near-zero functionality and abuse of the stores\u2019 review systems to artificially boost their credibility.<\/p>\n<p>Using a combination of advertising within and outside of the app stores and fake reviews that game the rating systems of the stores, the developers of these misleading apps are able to lure unsuspecting device users into downloading them, often with \u201cfree trial\u201d versions that then kick in automatic recurring subscription fees that users may not know are coming, or prompt them to buy a subscription to \u201cpro\u201d versions that promise greater functionality but fail to deliver.<\/p>\n<p>The prime characteristics that make an app \u201cfleeceware\u201d are charging for functionality that is already free elsewhere, and the use of social engineering or coercive features to get users to sign up for a subscription to generate regular cash flow, as opposed to paying a one-time charge. While OpenAI offers an API for GPT and ChatGPT to developers at a rate that amounts to about $0.06 US for every 750 words of output, and has offered a $20-a-month \u201cpro\u201d subscription to the latest ChatGPT (which guarantees availability during peak usage and provides early access to new functionality), the basic functionality of ChatGPT is available freely to users through OpenAI\u2019s website. All of the apps were offered as free (with little or no mention of subscriptions required to unlock basic functionality), had aggressive monetization tactics, and came with default subscription rates that were in many cases not in line with the functionality they provided.<\/p>\n<p>We have reported the apps we found to Google and Apple. Some we were investigating were pulled from the store before we could report them. 
Google has responded and removed some of the apps we found, \u00a0and Apple has acknowledged our input on the apps though no action has been taken at this time. We also reported ads for these apps on platforms where we found them.<\/p>\n<h2>Limited intelligence<\/h2>\n<p>Our investigation into fleeceware chatbot apps (\u201cFleeceGPT\u201d) began when Sophos X-Ops principal researcher Andrew Brandt recently spotted an advertisement on a mobile news application for an Android application called \u201cChat GBT.\u201d\u00a0 The <a href=\"https:\/\/play.google.com\/store\/apps\/details?id=chatgpt.openai.gpt.chat\">Google Play Store listing<\/a> included a logo that looked like the OpenAI logo for ChatGPT, and the developers call it \u201can alternative to chat GPT,\u201d while also claiming, \u201cWe\u2019ve trained a model called Chat GPT.\u201d<\/p>\n<figure id=\"attachment_91701\" aria-describedby=\"caption-attachment-91701\" style=\"width: 640px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png\"><img decoding=\"async\" loading=\"lazy\" class=\"size-full wp-image-91701\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png\" alt=\"A Google Play store listing for Chat GBT.\" width=\"640\" height=\"424\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png 1176w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png?resize=300,199 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png?resize=768,509 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT1.png?resize=1024,679 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><figcaption id=\"caption-attachment-91701\" class=\"wp-caption-text\">Figure 1: The Google Play page for Chat GBT, now removed.<\/figcaption><\/figure>\n<p>But a quick download of the app revealed that it follows a pattern <a 
href=\"https:\/\/news.sophos.com\/en-us\/2020\/08\/19\/truth-in-advertising-policy-fails-to-curb-fleeceware\/\">we\u2019ve seen previously in other types of \u201cfleeceware\u201d<\/a>. The \u201cfree\u201d app was advertising-heavy, and locked after just three uses\u2014prompting users to pay for a subscription to upgrade the software for further uses. The default option for the three-day trial is a monthly $10 subscription that kicks in automatically after the trial ends; alternatively, the user can pay $30 upfront for an annual subscription. If the user opts for the annual subscription, they\u2019ll keep paying that $30 every year until they unsubscribe\u2014a much more profitable option for the fleeceware developer.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-1-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FLeecegpt2a.png&quot;,&quot;id&quot;:&quot;91700&quot;,&quot;title&quot;:&quot;FLeecegpt2a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 2. Screenshots of Chat GBT, showing fleeceware behaviors\u2014advertising, interrupting for reviews, and a free trial that ends in a $10 a month subscription.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FLeeceGPT2b.png&quot;,&quot;id&quot;:&quot;91699&quot;,&quot;title&quot;:&quot;FLeeceGPT2b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 2. 
Screenshots of Chat GBT, showing fleeceware behaviors\u2014advertising, interrupting for reviews, and a free trial that ends in a $10 a month subscription.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/fleecegpt2c.png&quot;,&quot;id&quot;:&quot;91698&quot;,&quot;title&quot;:&quot;fleecegpt2c&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 2. Screenshots of Chat GBT, showing fleeceware behaviors\u2014advertising, interrupting for reviews, and a free trial that ends in a $10 a month subscription.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>The \u201cpro\u201d features that users pay for are essentially the same as those available for free to registered users of ChatGPT\u2014that is, if and when they work. Mixed in with the thousands of brief four-star reviews are comments from people who downloaded the app and found it didn\u2019t work\u2014either it only showed ads, or failed to respond to questions when unlocked.\u00a0 One user reported that the \u201creply to every message is \u2018sorry, I could not understand your message.\u2019\u201d<\/p>\n<p>We found a nearly identical app with a different name from the same developer on the <a href=\"https:\/\/apps.apple.com\/us\/app\/open-chat-ai-chatbot\/id1573689978\">Apple App Store for iOS<\/a>.<\/p>\n<figure id=\"attachment_91697\" aria-describedby=\"caption-attachment-91697\" style=\"width: 468px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT3.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91697 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT3.png\" alt=\"Figure 3. 
The iOS version of Chat GBT, Ask AI Assistant.\" width=\"468\" height=\"344\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT3.png 468w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT3.png?resize=300,221 300w\" sizes=\"auto, (max-width: 468px) 100vw, 468px\" \/><\/a><figcaption id=\"caption-attachment-91697\" class=\"wp-caption-text\">Figure 3. The iOS version of Chat GBT, Ask AI Assistant.<\/figcaption><\/figure>\n<p>Called GAI Assistant, it behaved in the same fashion as the Android version we examined\u2014users were limited to three inputs per day before being locked out and prompted to enroll in a free 3-day trial, which would automatically become a $6 US (or \u00a36 for UK users) weekly subscription fee.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-2-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT4a-e1683820003874.png&quot;,&quot;id&quot;:&quot;91696&quot;,&quot;title&quot;:&quot;FleeceGPT4a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 4: Limited input, with a prompt for a free trial.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT4b.png&quot;,&quot;id&quot;:&quot;91695&quot;,&quot;title&quot;:&quot;FleeceGPT4b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 4: Limited input, with a prompt for a free trial.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>After a recent update, it behaved in a slightly different way, responding to all prompts with an abbreviated version of the reply and a \u201cRead More\u201d link at the end. 
It\u2019s clear that it\u2019s using OpenAI\u2019s ChatGPT API, but it does not return any full, useful replies.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-3-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT5a.jpg&quot;,&quot;id&quot;:&quot;91694&quot;,&quot;title&quot;:&quot;FleeceGPT5a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 5.  Abbreviated responses, limited queries.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT5b.jpg&quot;,&quot;id&quot;:&quot;91693&quot;,&quot;title&quot;:&quot;FleeceGPT5b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 5.  Abbreviated responses, limited queries.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT5c.jpg&quot;,&quot;id&quot;:&quot;91692&quot;,&quot;title&quot;:&quot;FleeceGPT5c&quot;,&quot;alt&quot;:&quot;Figure 5. Abbreviated responses, limited queries.&quot;,&quot;caption&quot;:&quot;Figure 5.  Abbreviated responses, limited queries.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>Tapping the \u201cread more\u201d link brings up a prompt for users to enroll for the three-day free trial or prepay for a monthly or annual subscription. 
And the interface now has a 10-query-per-day limit, again prompting the user to \u201cgo premium\u201d when that limit is reached.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-4-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FLeeceGPT6a.png&quot;,&quot;id&quot;:&quot;91691&quot;,&quot;title&quot;:&quot;FLeeceGPT6a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 6. \u201cExpanding\u201d reply takes user to an upgrade screen\u2014that defaults to a $6 a week subscription.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FLeeceGPT6b-e1683823647474.png&quot;,&quot;id&quot;:&quot;91690&quot;,&quot;title&quot;:&quot;FLeeceGPT6b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 6. 
\u201cExpanding\u201d reply takes user to an upgrade screen\u2014that defaults to a $6 a week subscription.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>According to the app tracker Sensor Tower, the Android app had <a href=\"https:\/\/app.sensortower.com\/android\/publisher\/publisher\/MAPLE%2BLABS%2BCO.%2C%2BLTD\">brought in under $5,000 in March<\/a>, while the <a href=\"https:\/\/app.sensortower.com\/ios\/publisher\/publisher\/1320450180\">iOS version<\/a> had yielded over $10,000 in revenue in March.\u00a0 That\u2019s despite a pile of negative reviews that have begun to put a dent in the impact of dozens of fake 5-star reviews:<\/p>\n<figure id=\"attachment_91689\" aria-describedby=\"caption-attachment-91689\" style=\"width: 640px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91689 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png\" alt=\"Screenshot of Apple App Store reviews\" width=\"640\" height=\"232\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png 1286w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png?resize=300,109 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png?resize=768,278 768w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT7.png?resize=1024,371 1024w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><figcaption id=\"caption-attachment-91689\" class=\"wp-caption-text\">Figure 7: Negative reviews on Apple\u2019s App Store make a small dent in the app\u2019s rating.<\/figcaption><\/figure>\n<p>&nbsp;<\/p>\n<p>In one of the visible reviews on the site, a user wrote, \u201cThe entire app is just one big ad hub. 
There is virtually no app.\u201d The developers responded that the ads were necessary to fund development, and added, \u201cIf you don&#8217;t want to see the Ads you can purchase the Pro version of ChatGPT. Please rate us 5\u2605 to support the team! Thank you for understanding!\u201d<\/p>\n<p>Once a user assents to the 3-day trial, the app functioned mostly as advertised, and advertising disappeared. But aside from a bare-bones synthesized voice readback of responses, it\u2019s not clear that the functionality exceeded what is available to users for free via mobile web browsers.<\/p>\n<h2>Copycats breed copycats<\/h2>\n<p>These developers aren\u2019t the only ones trying to cash in on the buzz (and potential confusion) around ChatGPT. We found a number of other apps of a questionable nature on both the Play and Apple App stores\u2014including ones that used almost exactly the same questionable naming to boost their results on store searches.<\/p>\n<p>In the Google Play store, we found another app that uses an almost identical advertisement to the first fleeceware AI app we identified:<\/p>\n<figure id=\"attachment_91688\" aria-describedby=\"caption-attachment-91688\" style=\"width: 621px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT8.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91688 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT8.png\" alt=\"\" width=\"621\" height=\"365\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT8.png 621w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT8.png?resize=300,176 300w\" sizes=\"auto, (max-width: 621px) 100vw, 621px\" \/><\/a><figcaption id=\"caption-attachment-91688\" class=\"wp-caption-text\">Figure 8. 
A look-alike app, once again using \u201cChat GBT\u201d.<\/figcaption><\/figure>\n<p>This \u201cchatbot\u201d has similar habits: the \u201cfree\u201d version is limited to 4 requests before locking and prompting the user to purchase a subscription or sign up for a free trial that converts to a monthly subscription.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-5-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT9a.png&quot;,&quot;id&quot;:&quot;91687&quot;,&quot;title&quot;:&quot;FleeceGPT9a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 9. The same fleeceware features with a different face.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT9b.png&quot;,&quot;id&quot;:&quot;91686&quot;,&quot;title&quot;:&quot;FleeceGPT9b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 9. The same fleeceware features with a different face.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT9c.png&quot;,&quot;id&quot;:&quot;91685&quot;,&quot;title&quot;:&quot;FleeceGPT9c&quot;,&quot;alt&quot;:&quot;App screenshot&quot;,&quot;caption&quot;:&quot;Figure 9. The same fleeceware features with a different face.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>There were several other suspiciously-named apps in the Play store, but a few were pulled from the store during our research. 
And others, despite being buggy and carrying advertising, did not use typical fleeceware monetization methods.<\/p>\n<p>In the Apple App Store, we found several additional apps riding ChatGPT\u2019s coattails that displayed fleeceware-like tactics. <a href=\"https:\/\/apps.apple.com\/us\/app\/ai-chat-chatbot-ai-assistant\/id1659730883\">AIChatChatbot<\/a> (or, as it identifies itself in the app window \u201cPocket AI Chat\u201d) mimics the OpenAI logo in its store listing.<\/p>\n<figure id=\"attachment_91684\" aria-describedby=\"caption-attachment-91684\" style=\"width: 523px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT10.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91684 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT10.png\" alt=\"Apple App Store screenshot\" width=\"523\" height=\"402\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT10.png 523w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT10.png?resize=300,231 300w\" sizes=\"auto, (max-width: 523px) 100vw, 523px\" \/><\/a><figcaption id=\"caption-attachment-91684\" class=\"wp-caption-text\">Figure 10. Another chatbot, with a different name than advertised.<\/figcaption><\/figure>\n<p>The interface itself is essentially a repackaged mobile site, and all content is generated remotely, including Google-served advertisements. There are several other behaviors that this app has in common with ones we\u2019ve categorized as fleeceware in the past. 
First, there are the types of permissions the app requests.<\/p>\n<figure id=\"attachment_91683\" aria-describedby=\"caption-attachment-91683\" style=\"width: 577px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT11.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91683 size-large\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT11.jpg?w=577\" alt=\"\" width=\"577\" height=\"1024\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT11.jpg 687w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT11.jpg?resize=169,300 169w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT11.jpg?resize=577,1024 577w\" sizes=\"auto, (max-width: 577px) 100vw, 577px\" \/><\/a><figcaption id=\"caption-attachment-91683\" class=\"wp-caption-text\">Figure 11. Never a good sign.<\/figcaption><\/figure>\n<p>When installing, the app requests permission to track user activity across other apps and websites.\u00a0 While it does connect to ChatGPT through a back-end server run by the developer, and provides the response to the input, it is also sending back telemetry the developer claims will be used \u201cto collect Crash Data in order to improve functionalities.\u201d<\/p>\n<p>As with the other apps, it\u2019s never really clear what the name of the app is. It is called \u201cAI Chat \u2013 Chatbot AI Assistant\u201d in the ad listing, and \u201cWriting BOT Pocket AI\u201d in the installation and user interface.\u00a0 Once installed, as with the others, the app also regularly interrupted application use with a window prompting for free trial signup\u2014with automatic subscriptions at $8 a week\u2014that could only be bypassed after waiting a few minutes for a window-closing \u201cx\u201d to appear. 
If not an outright violation of <a href=\"https:\/\/developer.apple.com\/app-store\/review\/guidelines\/#business\">App Store policies<\/a> (\u201cInterstitial ads or ads that interrupt or block the user experience must clearly indicate that they are an ad, must not manipulate or trick users into tapping into them, and must provide easily accessible and visible close\/skip buttons large enough for people to easily dismiss the ad\u201d), this comes very close.<\/p>\n<p>Replies were also often interrupted by requests to rate the app\u2014another practice that stretches the envelope of <a href=\"https:\/\/developer.apple.com\/app-store\/review\/guidelines\/#business\">Apple policy<\/a> (\u201cApps must not force users to rate the app, review the app, download other apps, or other similar actions in order to access functionality, content, or use of the app\u201d).<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-6-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT12a.jpg&quot;,&quot;id&quot;:&quot;91682&quot;,&quot;title&quot;:&quot;FleeceGPT12a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 12. The same pitch, yet again.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT12b.jpg&quot;,&quot;id&quot;:&quot;91681&quot;,&quot;title&quot;:&quot;FleeceGPT12b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 12. 
The same pitch, yet again.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>While there is no message limit if you\u2019re willing to wait out the advertisements, there is a character limit for responses\u2014likely driven by the version of the OpenAI API used by the back-end server. Responses appeared to be truncated at about 1000 characters to keep the number of GPT \u201ctokens\u201d used per request to a minimum.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-7-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT13a.png&quot;,&quot;id&quot;:&quot;91680&quot;,&quot;title&quot;:&quot;FleeceGPT13a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 13. Limited length responses.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT13b.png&quot;,&quot;id&quot;:&quot;91679&quot;,&quot;title&quot;:&quot;FleeceGPT13b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 13. 
There are also lots of ads that occasionally obscure the content.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>Another ChatGPT offering on the Apple App Store with some fleeceware-like behaviors is the \u201c<a href=\"https:\/\/apps.apple.com\/us\/app\/genie-ai-chatbot\/id1658377526\">Genie AI Chatbot<\/a>.\u201d The app\u2019s listing advertises it as the \u201c#1 AI Chatbot\u201d and touts features including image recognition as well as the usual text generation capabilities associated with ChatGPT.<\/p>\n<figure id=\"attachment_91678\" aria-describedby=\"caption-attachment-91678\" style=\"width: 640px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT14.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91678 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT14.png\" alt=\"App Store screen shot.\" width=\"640\" height=\"516\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT14.png 654w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT14.png?resize=300,242 300w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><figcaption id=\"caption-attachment-91678\" class=\"wp-caption-text\">Figure 14: Genie claims to have a bunch of capabilities beyond just AI chat.<\/figcaption><\/figure>\n<p>There are a few fleeceware-like things about Genie, however. First, during installation, there are prompts to allow the app to track activities across other apps and websites, and to rate the app before it\u2019s even fully launched. Genie also asks for permission to send notifications. 
These prompts are followed by one encouraging enrollment in a free trial or immediate enrollment in a longer subscription\u2014$7 a week (totaling $364 a year), or an all-at-once $70 a year.<\/p>\n<p class=\"jetpack-slideshow-noscript robots-nocontent\">This slideshow requires JavaScript.<\/p>\n<div id=\"gallery-91660-8-slideshow\" class=\"jetpack-slideshow-window jetpack-slideshow jetpack-slideshow-black\" data-trans=\"fade\" data-autostart=\"1\" data-gallery=\"[{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT15a.jpg?w=578&quot;,&quot;id&quot;:&quot;91677&quot;,&quot;title&quot;:&quot;FleeceGPT15a&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 15: Genie\u2019s fleeceware-like features.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT15b.jpg?w=576&quot;,&quot;id&quot;:&quot;91676&quot;,&quot;title&quot;:&quot;FleeceGPT15b&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 15: Genie\u2019s fleeceware-like features.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT15c.jpg?w=577&quot;,&quot;id&quot;:&quot;91675&quot;,&quot;title&quot;:&quot;FleeceGPT15c&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 15: Genie\u2019s fleeceware-like features.&quot;,&quot;itemprop&quot;:&quot;image&quot;},{&quot;src&quot;:&quot;https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT15d.jpg?w=575&quot;,&quot;id&quot;:&quot;91674&quot;,&quot;title&quot;:&quot;FleeceGPT15d&quot;,&quot;alt&quot;:&quot;&quot;,&quot;caption&quot;:&quot;Figure 15: Genie\u2019s fleeceware-like features.&quot;,&quot;itemprop&quot;:&quot;image&quot;}]\" itemscope itemtype=\"https:\/\/schema.org\/ImageGallery\"><\/div>\n<p>Unlike some of the others, Genie actually works at something approaching full advertised functionality 
without the trial or subscription\u2014but only accepts 4 queries per day. It then prompts users with the trial offer again.<\/p>\n<p>Figure 16. It works, until it doesn\u2019t.<\/p>\n<p>This model appears to have been effective for Genie\u2019s developers. 
According to <a href=\"https:\/\/app.sensortower.com\/ios\/publisher\/publisher\/1560806519\">Sensor Tower<\/a>, the app has generated over $700,000 in revenue in just the last month.<\/p>\n<p>The third fleeceware-ish app we identified on the Apple App Store was listed as \u201c<a href=\"https:\/\/apps.apple.com\/us\/app\/ai-chatbot-open-chat-writer\/id1559479889\">AI Chatbot-Open Chat Writer<\/a>\u201d, but when installed called itself \u201cAI Smith\u201d.<\/p>\n<figure id=\"attachment_91670\" aria-describedby=\"caption-attachment-91670\" style=\"width: 612px\" class=\"wp-caption alignnone\"><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT17.png\"><img decoding=\"async\" loading=\"lazy\" class=\"wp-image-91670 size-full\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT17.png\" alt=\"\" width=\"612\" height=\"473\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT17.png 612w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/FleeceGPT17.png?resize=300,232 300w\" sizes=\"auto, (max-width: 612px) 100vw, 612px\" \/><\/a><figcaption id=\"caption-attachment-91670\" class=\"wp-caption-text\">Figure 17. AI Chatbot or AI Smith, the App Store listing looks terribly familiar.<\/figcaption><\/figure>\n<p>The screenshots on the listing site look nothing like the app that actually installs.<\/p>\n<p>Figure 18. A cascade of \u201cinformational\u201d slides during install that serve no obvious function.<\/p>\n<p>\u201cAI Smith\u201d has a five-message limit per day without a subscription, and those messages are interrupted by advertising and subscription screens, and constant requests for a rating.<\/p>\n<p>Figure 19. A gallery of screenshots showing AI Smith\u2019s fleecing functionality.<\/p>\n<p>As with some of the other apps we looked at, AI Smith does use a GPT-3 API to generate the content, but truncates content if it is too long.<\/p>\n<p>We found many other apps jumping on the ChatGPT bandwagon following a similar naming convention in an effort to attract users searching for the right app. 
But not all used fleeceware tactics. Many are just poorly written or poorly implemented apps that don\u2019t fit the usual fleeceware formula.<\/p>\n<h2>Caveat Downloader<\/h2>\n<p>While we were investigating several other potential fleeceware apps, they were removed from the Google Play store. \u00a0Google has since removed the apps we pointed out to them as well; similar apps, however, have been allowed to remain in the store.<\/p>\n<p>Fleeceware developers have adapted to these guidelines and follow them to the letter\u2014but not the spirit.\u00a0 They attempt to get customers to pay subscription fees in several ways, but mostly count on users forgetting about the free trial and not noticing the weekly or monthly subscription fees when they kick in, or they simply expect to yield enough from the initial subscription to profit.<\/p>\n<p>The platform owners profit heavily from these applications as well, and there\u2019s little incentive for them to remove applications that are not in obvious violation of standards. Because of this, mobile device users need to continue to pay close attention to in-app payments and subscriptions tied to \u201cfree trial\u201d software. 
\u00a0On Apple devices, those subscriptions appear in the settings menu under your Apple ID; on Android devices, Google Play subscriptions are managed within the Google Play store app under Subscriptions on the pop-out menu.<\/p>\n<p>We recommend that Apple ensure that App store reviews include a close look at whether in-app subscriptions under the \u201cfreemium\u201d model actually provide value rather than leaving it up to the device user, since these app stores present themselves as trusted platforms while profiting significantly from misleading apps themselves.<\/p>\n<p>Additionally, because some of these apps are essentially re-wrapped web apps dependent on a remote platform for content, they pose a long-term risk in that their functionality could be made malicious by the developer without changing any local code. \u00a0This is a tactic we have seen <a href=\"https:\/\/news.sophos.com\/en-us\/2023\/02\/01\/fraudulent-cryptorom-trading-apps-sneak-into-apple-and-google-app-stores\/\">used by sha zhu pan scammers.<\/a><\/p>\n<p>For now, the only real defense is user education. Before tapping the install button, users need to make sure they\u2019re aware of any in-app purchases associated with a free app, and evaluate whether the fees associated with any application are in line with what\u2019s available elsewhere.\u00a0 And when applications use unethical means to profit, users should report them to Apple or Google.<\/p>\n<p>&nbsp;<\/p>\n<p>How to cancel a subscription<\/p>\n<p>If you\u2019ve discovered you have installed a fleeceware app, it\u2019s important to note that just deleting the app will not end the subscription. Some victims of fleeceware install a trial and delete the app after trying it\u2014not realizing that the subscription still remains on their app store account, and that their account will continue to be debited after the trial expires. 
Here\u2019s how to remove these subscriptions:<\/p>\n<p><strong>iPhone<\/strong><\/p>\n<p>As outlined by Apple <a href=\"https:\/\/support.apple.com\/en-us\/HT202039\">here<\/a>, follow the instructions below:<\/p>\n<p><a href=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-91661\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png\" alt=\"\" width=\"640\" height=\"640\" srcset=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png 727w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=150,150 150w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=300,300 300w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=32,32 32w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=50,50 50w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=64,64 64w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=96,96 96w, https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/iPhone-subs-mgmt.png?resize=128,128 128w\" sizes=\"auto, (max-width: 640px) 100vw, 640px\" \/><\/a><\/p>\n<ol>\n<li>Open the Settings app.<\/li>\n<li>Tap your name.<\/li>\n<li>Tap Subscriptions.<\/li>\n<li>Tap the subscription.<\/li>\n<li>Tap Cancel Subscription. You might need to scroll down to find the Cancel Subscription button. 
If there is no Cancel button or you see an expiration message in red text, the subscription is already canceled.<\/li>\n<\/ol>\n<p>If you have other use cases, please follow the Apple <a href=\"https:\/\/support.apple.com\/en-us\/HT202039\">documentation<\/a>.<\/p>\n<p><strong>Android<\/strong><\/p>\n<ol>\n<li>On your Android device, go to your <a href=\"https:\/\/play.google.com\/store\/account\/subscriptions\">subscriptions in Google Play<\/a>.<\/li>\n<li>Select the subscription you want to cancel.<\/li>\n<li>Tap <strong>Cancel subscription<\/strong>.<\/li>\n<li>Follow the instructions.<\/li>\n<\/ol>\n<p>IOCs are available <a href=\"https:\/\/github.com\/sophoslabs\/IoCs\/blob\/master\/fleeceware-chatbot-apps.csv\">on our GitHub repository<\/a>.<\/p>\n<\/p><\/div>\n<p><a href=\"https:\/\/news.sophos.com\/en-us\/2023\/05\/17\/fleecegpt-mobile-apps-target-ai-curious-to-rake-in-cash\/\" target=\"bwo\" >http:\/\/feeds.feedburner.com\/sophos\/dgdY<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/news.sophos.com\/wp-content\/uploads\/2023\/05\/fleeceware.png\"\/><\/p>\n<p><strong>Credit to Author: Jagadeesh Chandraiah| Date: Wed, 17 May 2023 10:00:36 +0000<\/strong><\/p>\n<p>Interest in OpenAI\u2019s latest version of its interactive language model has spurred a new wave of scam apps looking to cash in on the 
hype<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10377],"tags":[10462,28405,129,23032,10480,27030,16771],"class_list":["post-22025","post","type-post","status-publish","format-standard","hentry","category-security","category-sophos","tag-android","tag-chatgpt","tag-featured","tag-fleeceware","tag-ios","tag-sophos-x-ops","tag-threat-research"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22025","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=22025"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22025\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=22025"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=22025"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=22025"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}