A new wave of malicious Android apps has been discovered, targeting users in multiple countries through fraudulent loan services. These apps, collectively downloaded over 8 million times from the Google Play Store, harbor a dangerous malware known as SpyLoan.
According to a recent report, these apps exploit social engineering to trick users into granting intrusive permissions. This tactic enables them to collect sensitive data, which can later be used for extortion, harassment, or financial fraud. Victims are often lured with promises of quick loans requiring minimal documentation. The apps have targeted users in countries like Mexico, Indonesia, Thailand, Colombia, and Senegal.
SpyLoan is not a new threat. It was first detected in 2020 and has evolved significantly since then. A previous report in late 2023 exposed a similar scheme involving 18 malicious apps. These apps gathered personal and financial information under the guise of providing financial aid, often trapping victims in cycles of debt.
These malicious loan apps share a common design and framework. Once installed, they request excessive permissions, such as access to contacts, call logs, camera, and SMS messages. They claim this data is necessary for user verification and fraud prevention. In reality, it is encrypted and sent to command-and-control (C2) servers for exploitation.
SpyLoan apps also employ a one-time password (OTP) to confirm a user’s phone number, further adding to their legitimacy. Users are often asked to provide identification documents, banking details, and even employment information. All collected data can be used for financial exploitation or coercion, with some apps going as far as threatening users with personal photo exposure for late payments.
Despite efforts to remove these apps, some remain active. They adapt quickly to changes, leveraging a modular design to reappear under new names or operators. The widespread availability of cracked frameworks online makes it easier for cybercriminals to distribute these apps.
To avoid falling victim to such scams, carefully review app permissions and developer credibility before downloading. Always read reviews and check for warning signs like excessive permissions. Additionally, install security software on your devices and keep your apps and operating system up to date. By staying vigilant, you can protect your personal and financial data from these malicious schemes.