On Wednesday, security firm Sophos published a report showing that Apple’s and Google’s app stores are becoming riddled with ChatGPT programs that are nothing but “fleeceware” – software that quietly sticks users with subscription fees. The apps claim to connect to OpenAI’s ChatGPT and many do. However, they also charge users for service when the public version of the large language model is free to use.
Some apps lure users in with a “free trial subscription” that later charges huge monthly fees when it auto-renews through the App Store or Google Play. One app Sophos tried, called “Chat GBT,” advertised itself as “free,” but after three uses, the software locked up and offered a three-day free trial attached to a $10 per month “pro” subscription to kick-in after the trial period.
Even worse, the app was rife with ads to cull even more money from the fleeceware. Review nags were frequent, a ploy to build review numbers to appear more legitimate and attract more users. It also had a $30 annual subscription, which tends to be more lucrative for the developer since people frequently forget they have subscriptions to apps they don’t often use, especially when there is a long gap between payments.
The scammers don’t care about being caught. It’s all about making as much money as possible before Apple or Google bans the app. Once that happens, the con artists rename the same software and send it off for review as if it were new. This technique works as evidenced by a second app Sophos found that was identical to Chat GBT but from a supposedly different developer.
Another app, “GAI Assistant,” operated similarly to Chat GBT, but instead of $10 per month, it charged $6 per week. Furthermore, this app didn’t even work. While it did appear to use ChatGPT’s API, its responses were truncated with a “Read More” link at the bottom. Clicking the link brought up a subscription sign-up screen.
Surprisingly, despite GAI Assistant’s apparent scammy nature, Sensor Tower reports that the app made nearly $5,000 on Android and over $10,000 on iOS in March. And that is on top of all the negative reviews warning people that it is a scam. Despite the many one-star reviews, the app has enough fake five-star reviews to still sit with an above-average 3.8 stars.
Sophos noted that one user left a poor review saying, “The entire app is just one big ad hub. There is virtually no app.” To which the developer replied, “If you don’t want to see the Ads you can purchase the Pro version of ChatGPT. Please rate us 5 [stars] to support the team! Thank you for understanding!”
The researchers did note that the app functioned adequately once they bought a subscription. However, it was still the same experience users could get for free from OpenAI’s web app.
Of the half dozen apps Sophos mentioned, one called Genie worked with “something approaching full advertised functionality” without a trial or subscription. However, it is very naggy regarding allowing cross-app tracking and prompts to pay. To pound the subscription prodding in, it limited users to four queries per day.
Genie charged $7 per week or $70 per year for subscriptions. According to Sensor Tower, Genie raked in $700,000 in April alone.
Sophos noted that it had found several apps that Apple and Google removed on their own during its research. Both companies also gladly banned the other apps that the investigation uncovered. However, an app’s removal from the store does not remove it from the device nor negate the subscription’s auto-renewal. Users must go into their phones’ settings and cancel subscriptions manually. Check out the Sophos blog for instructions.