Cybersecurity firm McAfee says it’s identified a “significant global increase” in a smartphone hack that triggers extortion, harassment and drains bank accounts.
McAfee says hackers are increasingly deploying a group of malicious financial apps containing “SpyLoan” malware, posing a serious threat with more than eight million active installations around the world.
The apps are on Google Play and use the names, logos, brand colors and interfaces of well-known financial institutions.
Once installed, users are asked for sensitive personal information and documents.
“Users are prompted to provide sensitive legal identification documents and personal information, banking accounts, employee information along with device data that is exfiltrated from the victim’s device.”
The privacy terms of the predatory loan apps are extensive and require users to allow access to data such as text messages, call logs and contact addresses. The information is sometimes used as a tool to enforce repayment of loans, according to McAfee.
“Users have reported alarming experiences, such as:
– Receiving threatening calls and death threats for delayed payments.
– Having personal photos and IDs misused to intimidate them.
– The app accesses their contacts to send harassing messages to friends and family.”
The firm says users of the predatory loans are experiencing rampant cases of privacy violations.
“Personal information is exploited for blackmail or sold to third parties. This might include sextortion with victims’ pictures that can be exfiltrated or created with AI.”
The predatory loans offered by the malicious apps are expensive while the loan terms lack transparency.
“Hidden Fees and High Interest Rates: Users receive less than the promised loan amount but are required to repay the full amount plus exorbitant fees within a short period.
Unauthorized Charges: Some apps initiate unauthorized transactions or charge hidden fees.”
To stay safe, McAfee recommends people carefully monitor their phone’s permissions, verify app legitimacy and report suspicious activity to authorities or app stores.
The predatory loan apps are most prevalent in Africa, South America and Southeast Asia with India, Mexico, Philippines, Indonesia, Thailand, Kenya, Colombia, Vietnam, Chile and Nigeria being the worst hit.