These malicious Android loan apps could leave millions of users seriously out of pocket
Date:
Wed, 06 Dec 2023 17:22:02 +0000
Description:
More than a dozen Android apps made it to the Play Store, but have since been removed.
FULL STORY ======================================================================
Cybersecurity researchers from ESET have discovered malicious loan apps stealing victims sensitive data and threaten them with ridicule unless they comply with absurd terms.
The researchers named the collection of over a dozen apps SpyLoan , which are being advertised as financial services tools for personal loans, offering quick and easy access to funds.
The team warned there have been more than 12 million combined downloads from the Play Store already, however, the apps are also being distributed via social media, third-party stores, and various websites, meaning the number of downloads is likely to be much higher. Tricking Google
After the users sign up, the first red flag is the permissions - the app requests many permissions that it objectively doesnt need, like access to the camera, call logs, or contacts list. If the user still proceeds and signs up for a loan, the app will soon reduce the tenure to mere days and threaten the victim with ridicule if they dont comply. Given that the app has access to
the contacts list, it would start notifying people in that list of the loan.
Furthermore, the app silently gathers plenty of sensitive data from the compromised endpoint - a list of all accounts, device info, call logs, installed apps, calendar events, local Wi-Fi network details, and metadata from images. ESET says that the app can also grab location data and text messages.
SpyLoan apps are not exactly a novelty, the researchers claim, but they did pick up the pace in 2023. The majority of victims are located in Mexico, India, Thailand, Indonesia, Nigeria, Philippines, Egypt, Vietnam, Singapore, Kenya, Colombia, and Peru.
ESET also said that these apps made it past Googles protections by being submitted with compliant privacy policies, required KYC standards, and transparent permission requests. However, they also link to websites that are obvious impersonations of actual companies.
Out of the 18 apps that were discovered, Google removed 17 from its app repository. The last one is now available with a new set of permissions and
as such was allowed to stay. More from TechRadar Pro Millions more 23andMe records leaked online Here's a list of the best firewalls today These are the best endpoint protection software right now
======================================================================
Link to news story:
https://www.techradar.com/pro/security/these-malicious-android-loan-apps-could -leave-millions-of-users-seriously-out-of-pocket
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)