ESET: fraudulent app on Google Play signs the users on the paid service

Anti-virus company ESET reported the discovery of her new fraudulent schemes on Google Play: app Pingu Cleans signed Up users to premium service using a legitimate payment method in Google Play.

The Game Pingu Cleans Up first appeared in the app store February 8, 2018. It was downloaded from 50 000 to 100 000 times.

Once installed on a tablet or a smartphone application proposed the creation of a game character. On the first two stages of a potential victim, choosing the desired attribute, had to press "Confirm" button in the popup window.

In the last step the user with a credit card tied to your Google Play account, I saw a window resembling the previous one. The difference is that the button "Confirm" was replaced by "Subscribe". Pressing the button, the user has subscribed with a price of 5.49 euros (about 400 rubles) per week. The payment is debited from the card automatically until you cancel the subscription.

The User account which was not credit card data, seen in the third stage another window. They were asked to add information regarding the method of payment to complete the purchase.

Diagram of scammers based on the assumption that some users clicked on any window, interfere with the game, not vchityvayas in the text. Judging by the negative reviews in Google Play, the Scam works.

After a warning ESET game Pingu Cleans Up was removed from Google Play. Victims do not need to disable the subscription manually – it is automatically cancelled.

Related Posts