Malicious apps are pretty common, and it’s easy to accidentally download them if you’re not cautious. You’ll often find these apps on third-party app stores, shady websites, or through suspicious emails and texts. What you wouldn’t expect is to encounter them on the Google Play Store if you’re an Android user, or the App Store if you’re on iPhone. While Apple does a great job of keeping its app marketplace safe, Google doesn’t quite measure up.
A new report has revealed that over a dozen malicious apps containing SpyLoan malware have been available on the Play Store. These apps have been downloaded by 8 million Android users, putting them at risk of extortion, harassment, and financial loss. Below are images of four of the SpyLoan apps found on Google Play.
What is SpyLoan malware?
SpyLoan is malware often hidden in apps that promise instant loans. These apps reel people in with offers of quick, hassle-free loans, boasting low rates and hardly any requirements. While they might look legit at first glance, their real goal is to gather as much personal info as they can.
Once they have it, they use it to harass or pressure users into paying ridiculous interest rates. They also use shady tactics like countdown timers or “limited-time” offers to create a fake sense of urgency, pushing people to act fast without thinking it through. Instead of helping with finances, these apps trap users in a cycle of debt and invade their privacy.
McAfee’s mobile research team has uncovered 15 apps on the Google Play Store packed with SpyLoan malware. These apps use the same code and systems, targeting users worldwide to steal data and send it to command-and-control (C2) servers. Many of them hide behind fake names and logos that mimic legitimate financial institutions, making them look trustworthy at first glance. You can find the names of these apps in the screenshot added below.
We reached out to Google, and a rep confirmed that Android users are automatically protected against known versions of this malware by Google Play Protect. However, it is important to note that Google Play Protect may not be enough. Historically, it hasn’t been 100% foolproof at removing all known malware from Android devices.
How do these predatory apps work?
The goal of these malicious apps is to gather as much data as possible from infected devices, which they then use to extort users. Victims are often coerced into repaying loans at sky-high interest rates, with some even being threatened for delays. In extreme cases, the app operators have harassed victims’ families and sent death threats, using stolen personal photos as leverage.
These apps request intrusive permissions, giving them access to system data, cameras, call logs, contacts, location, and SMS messages. They justify this data collection by claiming it’s necessary for user verification and anti-fraud measures.
Users signing up for these services are verified through a one-time password (OTP) to confirm their phone number is from the target region. They are also pressured to share additional details like ID documents, bank accounts, and employment information.
4 ways to protect yourself from SpyLoan malware
1) Have strong antivirus software: Android has its own built-in malware protection called Play Protect, but the SpyLoan malware proves it’s not enough. Historically, Play Protect hasn’t been 100% foolproof at removing all known malware from Android phones. The best way to protect yourself from malicious links that install malware and may expose your private information is to have antivirus protection installed on all your devices. This can also alert you to phishing emails and ransomware scams.
2) Download apps from reliable sources: It’s important to download apps only from trusted sources like the Google Play Store. You might say I am contradicting myself, but the Play Store is still safer than other options out there. It has strict checks to prevent malware and other harmful software. However, even with the security measures provided by Google Play, downloading apps from the store does not guarantee 100% protection against malware or harmful software. Avoid downloading apps from unknown websites or unofficial stores, as they can pose a higher risk to your personal data and device. Never trust download links that you get through SMS.
3) Be cautious with app permissions: Always review the permissions requested by apps before installation. If an app requests access to features that seem unnecessary for its function, it could be a sign of malicious intent. Do not give any app Accessibility permissions unless you really need to. Avoid granting permissions that could compromise your personal data.
4) Take loans from legit institutions: Always take loans from legitimate financial institutions like banks or well-known lenders. Avoid sketchy apps or services promising instant cash with minimal requirements. They’re often too good to be true. Legit lenders are transparent about their terms, interest rates, and fees, and they won’t demand access to your personal data or pressure you with scare tactics. If you’re unsure about a lender, check reviews, verify their credentials, or consult a financial advisor before committing.
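For tip 3, the permission review can be done against an app's decoded `AndroidManifest.xml`. The sketch below is an added example, not code from the report or from McAfee: it flags the data categories the article lists (camera, call logs, contacts, location, SMS) and any accessibility service. The mapping of categories to permission strings, the review threshold, and the sample manifest are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Data categories named in the article; the mapping to concrete Android
# permission strings is this example's assumption.
SENSITIVE = {
    "camera": {P + "CAMERA"},
    "call logs": {P + "READ_CALL_LOG"},
    "contacts": {P + "READ_CONTACTS"},
    "location": {P + "ACCESS_FINE_LOCATION", P + "ACCESS_COARSE_LOCATION"},
    "sms": {P + "READ_SMS", P + "RECEIVE_SMS"},
}
REVIEW_THRESHOLD = 3  # assumed cut-off: categories before flagging for review

def audit(manifest_xml):
    """Return sensitive categories requested and any accessibility services."""
    root = ET.fromstring(manifest_xml)
    requested = {
        el.get(NS + "name")
        for tag in ("uses-permission", "uses-permission-sdk-23")
        for el in root.iter(tag)
    }
    hits = {cat: sorted(requested & names)
            for cat, names in SENSITIVE.items() if requested & names}
    # A service guarded by BIND_ACCESSIBILITY_SERVICE can be enabled as an
    # accessibility service, which the article says to grant only when needed.
    a11y = [svc.get(NS + "name") for svc in root.iter("service")
            if svc.get(NS + "permission") == P + "BIND_ACCESSIBILITY_SERVICE"]
    return {"categories": hits, "accessibility": a11y,
            "review": len(hits) >= REVIEW_THRESHOLD or bool(a11y)}

# Constructed sample manifest for a hypothetical loan app (not a real package).
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.quickloan">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <application><service android:name=".HelperService"
      android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/></application>
</manifest>"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A flagged result is a prompt for manual review, not a verdict: legitimate apps also request some of these permissions.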
Kurt’s key takeaway
It can be tempting to use apps that promise instant loans, especially when you need the money. But they’re often just trying to scam you and push you into a never-ending debt cycle. If you need a loan, go to a trusted bank or lender. Protecting yourself from malicious apps like those infected with SpyLoan malware starts with staying informed and cautious. Always scrutinize the apps you download, stick to trusted platforms, and think twice before sharing sensitive information.
Do you think Google does enough to protect users from malware on the Play Store? Let us know in the comments below.
Copyright 2024 CyberGuy.com. All rights reserved. CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.