Beware: predatory Android loan apps spy, harass, and blackmail users


Deceptive loan apps charging excessive interest rates can also be malicious. SpyLoan apps circumvent Google Play requirements to track their users’ data and then use it to blackmail them, cybersecurity company ESET warns.

ESET researchers discovered at least 18 apps that combined spyware with predatory loans and other malicious practices. These apps were downloaded more than 12 million times from Google Play.

While 17 of them have now been removed, ESET warns about the alarming growth of deceptive Android loan apps that target vulnerable borrowers by presenting themselves as legitimate loan services with “quick and easy” access to money.

“Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims’ personal and financial information to blackmail them and, in the end, gain their funds,” the ESET report reads.

The apps are marketed through social media and text messages, mostly in Mexico, Indonesia, Thailand, Vietnam, India, Pakistan, Colombia, Peru, the Philippines, Egypt, Kenya, Nigeria, and Singapore.

After installing a SpyLoan app, unaware users are prompted to accept the terms of service and grant extensive permissions. The apps then have access to the user’s contacts, address, proof of income, banking account information, photos, and other files.

None of these services offer the option to apply for a loan through a website, as that would not give them access to user data, researchers noted.

Once verified, the user can apply for a loan, providing even more information, which is then sent to command-and-control servers. Then, the real “monetization efforts” begin.

“The app’s enforcers start to harass and blackmail their victims into making payments, even if – according to the reviews – the user didn’t apply for a loan or applied, but the loan wasn’t approved. Such practices have been described in the reviews of these apps on Facebook and on Google Play,” ESET researchers write.

While SpyLoan apps state interest rates that are within legal limits, the real annual percentage rates, including all hidden fees, insurance premiums, and other charges, were between 160% and 340%.

“Even after several takedowns, SpyLoan apps keep finding their way to Google Play, and serve as an important reminder of the risks borrowers face when seeking financial services online. These malicious applications exploit the trust users place in legitimate loan providers, using sophisticated techniques to deceive and steal a very wide range of personal information,” researchers warn.

To distinguish malicious loan apps from legitimate ones, ESET advises avoiding installations from unofficial sources and third-party app stores, using a security app that scans for malware, paying close attention to user reviews, and examining the privacy policy, which must be available.

If prevention does not work, fraud victims should report the incident to their country's law enforcement or relevant legal authorities, contact consumer protection agencies, and alert the institution that governs the terms of private loans, such as the national bank.

