Loan Apps Using SpyLoan Malware Blackmailing Users Extort Personal Data Detected on Play Store Heres Full List All Details
ESET researchers uncovered the fraudulent methods used by these loan apps to bypass Google Play Store restrictions exposure This malware with an attractive interface promises instant funds to users with high-interest terms. Targeting mainly users from Africa, Latin America and Southeast Asia, these spyloan apps not only pass KYC checks but also display fake information on official-looking websites, including stock photos as pictures of employees.
Once users get a loan, these apps request several sensitive permissions from them, such as camera, contacts, SMS, call logs, photos, Wi-Fi details and calendar details. This data is then sent to the apps’ servers.
In violation of Google’s Financial Services Policy, these apps set unrealistically short repayment terms, forcing users to pay with exorbitant interest rates. Users reported facing pressure to repay amounts as low as 450 pesos (roughly Rs. 2,160) with additional interest of 549 pesos (roughly Rs. 2,640), totalling 999 pesos (roughly Rs. 4,800).
ESET informed Google about 18 apps, of which 17 were removed. However, one app remains on the store in the form of a new version. The listed apps include 4S Cash, AA Kredit, Amor Cash, Cartera grande, Cashwow, CrediBus, EasyCash, EasyCredit, Finupp Lending, FlashLoan, Go Crédito, GuayabaCash, Instantáneo Préstamo, Préstamos De Crédito-YumiCash, PréstamosCrédito, Rápido Crédito, and TrueNaira.
However, even after being removed from the Play Store, these apps may remain on users’ devices until they are manually removed. Users who have these apps should uninstall them immediately.
