Leading antivirus provider ESET is rolling out a series of alerts regarding malicious Android platforms. The latter include those pretending to give desperate users a quick loan, promising swift and ideal service in return for a download.
But what many people don’t realize is that it’s a huge scam that’s causing serious alarm as the threat continues to loom as we speak.
The news report was published today featuring more detail about the situation and how it continues to pop up across Google’s Play Store in the form of apps. These might seem like they’re authentic and giving real loans but that’s far from the case, ESET added.
What they actually do is steal data belonging to the user including personal and sensitive credentials while blackmailing them in the end.
Referring to the entire campaign as those featuring SpyLoan platforms, ESET says the current target seems to be those hailing from Africa, Latin America, and even parts of Southeast Asia.
Those behind these apps continue to market the malware across leading social media platforms, and websites, and even by attracting the masses through a simple text message. But the main issue is how it’s still relevant on Google Play and that’s a clear problem as downloads continue as we speak.
As a whole, ESET says nearly 18 such kinds of apps are in function and they arose from the same device code that was outlined to be removed from Google with immediate effect.
But even before requests for their deletion and takedown were made, close to 12 million installations had already taken place from the Google Play Store. But the last one that was unveiled on the Google Play Store continues to be present but it’s been outlined to have undergone intense changes by its developers to no longer carry out malicious activity.
As per reports from ESET, such apps were first rolled out in the year 2020 and that later went on to cause a rise in such malicious apps during 2022. This led tech giants like Apple as well as Google to investigate and crack down against the platforms. But still, ESET claims Google Play has a long way to go as the threat continues to surge right now as well, even through third-party sources like Android stores that impersonate banking services that seem authentic at first.
After the user downloads the SpyLoan platform, they’re forced to accept service terms and provide major permissions that give hackers the chance to get their sensitive data and details that happen to be saved on the device.
And if you want to accept the loan, users must roll out more details on this front including personal data like pictures, bank account details, and even images found on their ID cards too.
Once downloaded, and data is stolen, the user is left in a vulnerable state where they’re continually harassed and blackmailed to try and produce payments as per the reviews seen so far by those who have been victims of the ordeal.
And that’s even if the user in question failed to ask for a loan or asked for one but it did not get approved. Such threats include the likes of queries like if you’re willing to put your security at risk or if you’re willing to accept the consequences of your actions.
Meanwhile, some platforms go to the extent of demanding 160% to a whopping 340% rate for extra fees or interest concerns. For this reason, ESET warns users to be super vigilant when downloading such types of shady apps across any device.
So what is the solution outlined by ESET to keep safe at all times? The anti-virus provider says users should never trust any borrower making big and unreal claims and also never put trust in places that are non-established or new in the market as chances are that they’re more of a scam than anyone else.
Meanwhile, staying educated and spreading awareness on the matter is equally important because SpyLoan platforms are really hard to differentiate from those that are authentic and that is a scary issue.
For now, Google is yet to comment on the matter but the company did roll out a new policy in May this year where it outlined a complete ban on personal loan-providing apps online that ask for pictures and contact details as well as videos of the user.
Four years back, the search engine giant says it made way for the App Defense Alliance which you can find ESET to be enrolled in too. The goal is to eradicate malware threats that are aimed in Google Play’s direction.
Read next: Jamf Sounds Alert on Deceptive Lockdown Mode Installation Risks
But what many people don’t realize is that it’s a huge scam that’s causing serious alarm as the threat continues to loom as we speak.
The news report was published today featuring more detail about the situation and how it continues to pop up across Google’s Play Store in the form of apps. These might seem like they’re authentic and giving real loans but that’s far from the case, ESET added.
What they actually do is steal data belonging to the user including personal and sensitive credentials while blackmailing them in the end.
Referring to the entire campaign as those featuring SpyLoan platforms, ESET says the current target seems to be those hailing from Africa, Latin America, and even parts of Southeast Asia.
Those behind these apps continue to market the malware across leading social media platforms, and websites, and even by attracting the masses through a simple text message. But the main issue is how it’s still relevant on Google Play and that’s a clear problem as downloads continue as we speak.
As a whole, ESET says nearly 18 such kinds of apps are in function and they arose from the same device code that was outlined to be removed from Google with immediate effect.
But even before requests for their deletion and takedown were made, close to 12 million installations had already taken place from the Google Play Store. But the last one that was unveiled on the Google Play Store continues to be present but it’s been outlined to have undergone intense changes by its developers to no longer carry out malicious activity.
As per reports from ESET, such apps were first rolled out in the year 2020 and that later went on to cause a rise in such malicious apps during 2022. This led tech giants like Apple as well as Google to investigate and crack down against the platforms. But still, ESET claims Google Play has a long way to go as the threat continues to surge right now as well, even through third-party sources like Android stores that impersonate banking services that seem authentic at first.
After the user downloads the SpyLoan platform, they’re forced to accept service terms and provide major permissions that give hackers the chance to get their sensitive data and details that happen to be saved on the device.
And if you want to accept the loan, users must roll out more details on this front including personal data like pictures, bank account details, and even images found on their ID cards too.
Once downloaded, and data is stolen, the user is left in a vulnerable state where they’re continually harassed and blackmailed to try and produce payments as per the reviews seen so far by those who have been victims of the ordeal.
And that’s even if the user in question failed to ask for a loan or asked for one but it did not get approved. Such threats include the likes of queries like if you’re willing to put your security at risk or if you’re willing to accept the consequences of your actions.
Meanwhile, some platforms go to the extent of demanding 160% to a whopping 340% rate for extra fees or interest concerns. For this reason, ESET warns users to be super vigilant when downloading such types of shady apps across any device.
So what is the solution outlined by ESET to keep safe at all times? The anti-virus provider says users should never trust any borrower making big and unreal claims and also never put trust in places that are non-established or new in the market as chances are that they’re more of a scam than anyone else.
Meanwhile, staying educated and spreading awareness on the matter is equally important because SpyLoan platforms are really hard to differentiate from those that are authentic and that is a scary issue.
For now, Google is yet to comment on the matter but the company did roll out a new policy in May this year where it outlined a complete ban on personal loan-providing apps online that ask for pictures and contact details as well as videos of the user.
Four years back, the search engine giant says it made way for the App Defense Alliance which you can find ESET to be enrolled in too. The goal is to eradicate malware threats that are aimed in Google Play’s direction.
Read next: Jamf Sounds Alert on Deceptive Lockdown Mode Installation Risks
