15 SpyLoan Apps Found on Play Store Targeting Millions

   December 4, 2024  Posted in HackRead


SUMMARY

  • SpyLoan Rise: SpyLoan apps have increased by 75% between Q2 and Q3 2024, targeting users globally.
  • Play Store Threat: 15 malicious loan apps on Google Play have been downloaded over 8 million times.
  • How They Work: These apps lure users with fake loan offers, harvest sensitive data, and exploit victims financially.
  • Global Impact: High prevalence reported in India, Mexico, the Philippines, Kenya, and seven other countries.
  • Staying Safe: Users should research apps, avoid granting excessive permissions, and use antivirus software.

Cybercriminals are exploiting SpyLoan, or predatory loan apps, to target unsuspecting users globally. McAfee cybersecurity researchers report a whopping 75% rise in SpyLoan apps and infected devices between Q2 and Q3 of 2024. These apps lure users with promises of quick, hassle-free loans but are designed to harvest sensitive data, resulting in extortion, harassment, and financial losses.

This increase can be understood by the fact that researchers spotted 15 such apps on the official Google Play Store with over 8 million installations worldwide. These apps, especially targeting users in South America, Southern Asia, and Africa, use social engineering tactics to trick users into providing sensitive information and granting excessive permissions.

Malicious apps (Credit: McAfee)

Here’s a list of malicious PayLoan apps found on the Google Play Store:

  1. Préstamo Seguro-Rápido, seguro – Downloads 1M, Country: Mexico – Deleted
  2. Préstamo Rápido-Credit Easy – Downloads 1M, Country: Colombia – Available
  3. ได้บาทง่ายๆ-สินเชื่อด่วน – Downloads: 1M, Country: Senegal – Available
  4. RupiahKilat-Dana cair – Downloads: 1M, Country: Senegal – Available
  5. ยืมอย่างมีความสุข – เงินกู้ – Downloads: 1M, Country: Thailand – Deleted
  6. เงินมีความสุข – สินเชื่อด่วน – Downloads: 1M, Country: Thailand – Deleted
  7. KreditKu-Uang Online – Downloads: 500K, Country: Indonesia – Deleted
  8. Dana Kilat-Pinjaman kecil – Downloads: 500K, Country: Indonesia – Available
  9. Cash Loan-Vay tiền – Downloads: 100K, Country: Vietnam – Available
  10. RapidFinance – Downloads: 100K, Country: Tanzania – Deleted
  11. PrêtPourVous – Downloads: 100K, Country: Senegal – Deleted
  12. Huayna Money – Préstamo Rápido – Downloads: 100K, Country: Peru – Deleted
  13. IPréstamos: Rápido Crédito – Downloads: 100K, Country: Chile – Available
  14. ConseguirSol-Dinero Rápido – Downloads: 100K, Country: Peru – Deleted
  15. ÉcoPrêt Prêt En Ligne – Downloads: 50K, Country: Thailand – Available

How SpyLoan Apps Work

These apps operate by using a common framework to encrypt and exfiltrate data from a victim’s device to a command and control (C2) server. They often use deceptive marketing, mimicking reputable financial institutions, and are promoted through social media ads. Once installed, they request unnecessary permissions, such as access to contacts, SMS, storage, and even a microphone or camera.

The apps then use a similar onboarding process, including a countdown timer to create a sense of urgency and require users to provide sensitive identification documents and personal information. This data is then exfiltrated and used for financial exploitation, including hidden fees and high interest rates, as well as privacy violations, such as data misuse and harassment.

The consequences of using these apps can be devastating. Users have reported receiving threatening calls and death threats, having personal photos and IDs misused, and experiencing emotional and psychological distress. In some cases, victims have even reported suicidal thoughts.

The threat of SpyLoan apps is not limited to a single region. They have been reported globally, with localized adaptations. India, Mexico, Philippines, Indonesia, Thailand, Kenya, Colombia, Vietnam, Chile, and Nigeria are among the top 10 countries with the highest prevalence of fake loan apps.

Law Enforcement Actions

While law enforcement agencies have taken action against some of these operations, the threat persists. In Peru, authorities raided a call center engaged in extortion and fake loan app operations, detaining over 300 individuals. In Chile, the commission for the financial market has highlighted tens of fraudulent credit applications distributed on Google Play.

Protecting Yourself

To avoid falling victim to these predatory loan apps, users must be cautious when downloading financial apps. Here are some tips:

  • Read reviews and check ratings
  • Research the app and its developer thoroughly
  • Be wary of apps that request excessive permissions
  • Use reputable antivirus software to detect and block malicious apps
  • Never provide sensitive information without verifying the app’s legitimacy
  1. New Tool DVa Detects and Removes Android Malware
  2. Scammers Using Fake Loan Apps for Money Laundering
  3. These 8 Apps on Play Store Contain Android/FakeApp Trojan
  4. “Scary” FakeCall Android Malware Captures Photos and OTPs
  5. Octo2 Android Malware Uses Fake NordVPN App to Infect Phones





Source link