New malicious Android apps have recently been discovered in the Google Play Store. Particularly dangerous, they are designed to blackmail their victims in exchange for their personal information.
Once again, numerous corrupted applications have recently been detected in the Play Store, Google’s store for Android. This time, it’s a new type of malware, called SpyLoan. These apps, which mainly target Internet users who need money quickly, pose as financial institutions in order to offer them bank loans. Despite their attractive offers, these services are used by cybercriminals to recover their personal and banking data. Like others, they then imitate real banking apps to dip into accounts. But, above all, and this is their specificity, they use the information recovered to blackmail their victims!.
SpyLoan: blackmail apps
As revealed a report from Eseta company specializing in security, these malicious applications have grown exponentially since 2020, with the most popular totaling no less than 12 million downloads on the Google Play Store. “While these SpyLoan applications technically comply with the requirements of a privacy policy, their practices clearly go beyond the scope of data collection necessary for the provision of financial services”indicates Eset in his report.
Unfortunately, cybercriminals always end up violating Google’s financial services policy. According to Eset, these applications have only one objective: “Spying on users, harassing them and blackmailing them and their contacts.”. Because, yes, hackers use these applications to steal the private data of their victims. This is particularly the case for messages, Wi-Fi network information, calendar, geolocation, multimedia file metadata or even worse… banking information. Once they have collected this valuable information, cybercriminals use it to blackmail their prey by asking them for money in return. Very often, they threaten to disseminate the information collected with the aim of harming and humiliating them. Some victims were harassed at length with death threats! The hackers even tried to blackmail other people in their contacts.
In its report, Eset indicates that SpyLoans have recently experienced a sharp increase again: almost 90% during the first half of 2023. To deal with this, the organization alerted Google, which was then able to ban the malicious applications concerned present in the Play Store. To avoid falling into the SpyLoan trap, Eset advises users not to trust dubious financial applications and to contact official and recognized organizations. “You are better off only applying for loans from established institutions like well-known banks or other certified lenders”concludes Eset.. The voice of common sense.