In a recent development, cybersecurity researchers have uncovered a predatory loan application masquerading as a financial management tool on the Google Play Store. This app, known as SpyLoan, specifically targeted Indian consumers and managed to garner approximately 100,000 downloads before it was ultimately removed from the platform.
The modus operandi of such predatory loan apps is alarmingly straightforward. They often promote themselves as convenient solutions for quick loans, requiring minimal documentation. However, upon installation, these applications demand extensive permissions, allowing them access to sensitive user information, including messages, call logs, contacts, and even photos.
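The permission pattern described above can be checked before an app is installed or approved. The following is an added example, not code from the researchers or from the app: it reads an `AndroidManifest.xml` that has already been decoded to text XML (for example with apktool) and flags an app that requests access to several of the data categories named in the article. The package names, the sample manifests and the three-category threshold are constructed assumptions.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Data categories named in the article, mapped to standard Android permissions.
CATEGORIES = {
    "messages": {"android.permission.READ_SMS", "android.permission.RECEIVE_SMS"},
    "call logs": {"android.permission.READ_CALL_LOG"},
    "contacts": {"android.permission.READ_CONTACTS"},
    "photos": {"android.permission.READ_EXTERNAL_STORAGE",
               "android.permission.READ_MEDIA_IMAGES"},
}

# Constructed sample manifests (hypothetical packages, not the real app's manifest).
LOAN_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.quickloan">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.READ_CALL_LOG"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_MEDIA_IMAGES"/>
</manifest>"""
BUDGET_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.budget">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
</manifest>"""

def requested_permissions(root):
    """Collect names from both <uses-permission> element variants."""
    perms = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for el in root.iter(tag):
            name = el.get(ANDROID_NS + "name")
            if name:
                perms.add(name.strip())
    return perms

def triage(manifest_xml, threshold=3):
    """Flag a manifest that reaches into `threshold` or more personal-data categories."""
    root = ET.fromstring(manifest_xml.strip())
    perms = requested_permissions(root)
    hits = {c: sorted(perms & names) for c, names in CATEGORIES.items() if perms & names}
    return {"package": root.get("package"), "categories": hits,
            "flag": len(hits) >= threshold}

if __name__ == "__main__":
    for sample in (LOAN_MANIFEST, BUDGET_MANIFEST):
        print(triage(sample))
```

A flag here is a prompt for manual review, since a legitimate app can have a documented need for some of these permissions.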
Reviews of the SpyLoan app, as reported by BleepingComputer, reveal the troubling experiences of users. One review expressed frustration, stating, “Very very very bad app they given low loan amount nd black mail to pay High otherwise photoes edited as a nude nd black mailing.” This highlights the deceptive practices employed by the app’s operators.
Furthermore, the app falsely claimed to be affiliated with a registered non-banking financial company, a blatant misrepresentation that raises significant concerns about consumer protection in the digital lending space. According to CYFIRMA, the app utilized a WebView to redirect users to an external site where they could download a separate loan application APK, hosted on an Amazon EC2 server. This tactic allowed the app to bypass some of the safeguards typically employed by Google.
Google, known for its vigilance in identifying malware within its ecosystem, faced scrutiny regarding how the Finance Simplified app evaded detection. In response to the incident, a Google spokesperson confirmed the app’s removal from the Play Store and reassured users that Android devices are “automatically protected” against known malware variants through Google Play Protect. The spokesperson emphasized that this feature can alert users or block apps exhibiting malicious behavior, regardless of their source.