Published on December 6, 2023, 2:10 pm

“Spyloan: Malicious Loan Apps Threaten Users With Public Ridicule And Steal Sensitive Data”

Cybersecurity researchers from ESET have recently uncovered a dangerous trend involving malicious loan apps. These apps not only steal sensitive data from victims but also go as far as threatening them with public ridicule unless they comply with outrageous terms.

The collection of these malicious loan apps has been named SpyLoan by the researchers. They are being promoted as financial service tools for personal loans, claiming to provide “quick and easy access to funds.” What’s more alarming is that these apps have already been downloaded over 12 million times from the Play Store alone. However, they are also being distributed through social media, third-party app stores, and various websites, suggesting that the actual number of downloads could be much higher.

When users sign up for these loan apps, there are clear red flags right from the start. The app requests unnecessary permissions such as access to the camera, call logs, and contacts list. If a user proceeds to sign up for a loan despite these warnings, they will soon find themselves facing shortened repayment tenures and threats of public ridicule if they fail to comply. The app even has access to the user’s contacts list and can notify individuals on that list about their loan status.

Aside from these manipulative tactics, the app silently collects sensitive data from compromised devices. This includes a variety of information such as account details, device information, call logs, installed applications, calendar events, Wi-Fi network details, metadata from images, location data, and text messages.

Although SpyLoan apps are not new in themselves according to the researchers at ESET – who suggest an acceleration in their proliferation beginning in 2023 – they continue to prey on unsuspecting victims. The majority of victims are located in countries like Mexico, India, Thailand, Indonesia, Nigeria, Philippines, Egypt, Vietnam Singapore Kenya Colombia Peru.

To make matters worse Google unknowingly allowed some of these malicious loan apps through its protections because they were submitted with seemingly compliant privacy policies, required Know Your Customer (KYC) standards, and transparent permission requests. Additionally, these apps also include links to websites that impersonate legitimate companies, further deceiving users.

After the discovery of these apps, Google took action and removed 17 out of the 18 identified malicious loan apps from its app repository. However, one app managed to remain by making minor adjustments to its permissions.

It is important for users to exercise caution when downloading any app from unknown sources and always be vigilant about the permissions requested during installation. Cybercriminals continue to find new ways to exploit individuals’ personal information and it is essential for both app developers and users to stay updated on the latest security measures in order to protect sensitive data effectively.


Comments are closed.