These malicious Android loan apps could leave millions of users seriously out of pocket


Cybersecurity researchers from ESET have discovered malicious loan apps that steal victims’ sensitive data and threaten them with ridicule unless they comply with absurd terms.
The researchers named the collection of over a dozen apps SpyLoan. The apps are advertised as financial services tools for personal loans, offering “quick and easy access to funds”.
The team warned that the apps have already been downloaded more than 12 million times in total from the Play Store. However, they are also being distributed via social media, third-party stores, and various websites, so the actual number of downloads is likely to be much higher.
Tricking Google
After users sign up, the first red flag is the permissions – the app requests many permissions that it objectively doesn’t need, like access to the camera, call logs, or contacts list. If the user still proceeds and signs up for a loan, the app will soon reduce the tenure to mere days and threaten the victim with ridicule if they don’t comply. Since the app has access to the contacts list, it then starts notifying people on that list about the loan.
Furthermore, the app silently gathers plenty of sensitive data from the compromised endpoint – a list of all accounts, device info, call logs, installed apps, calendar events, local Wi-Fi network details, and metadata from images. ESET says that the app can also grab location data and text messages.
SpyLoan apps are not exactly a novelty, the researchers claim, but they did pick up the pace in 2023. The majority of victims are located in Mexico, India, Thailand, Indonesia, Nigeria, the Philippines, Egypt, Vietnam, Singapore, Kenya, Colombia, and Peru.
ESET also said that these apps made it past Google’s protections by being submitted with “compliant privacy policies, required KYC standards, and transparent permission requests.” However, they also link to websites that are obvious impersonations of actual companies.
Out of the 18 apps that were discovered, Google removed 17 from its app repository. The last one is now available with a new set of permissions and as such was allowed to stay.