Android phones under attack from malicious apps with over 8 million installs — delete these now
These 15 dangerous apps are being downloaded right from the Play Store and other official apps stores
Even if you know better, it’s easy to get wrapped up in the idea of quick, hassle-free cash delivered instantly to your smartphone. In fact, the appeal is so strong that scammers are now using this idea as a lure in a new predatory loan app campaign.
According to a new blog post from McAfee, the cybersecurity firm’s researchers have identified 15 apps with a combined 8 million installations that are stealing personal and financial data from their victims. The apps in question were found on the Google Play Store and other official app stores which makes them particularly dangerous since they’re being distributed through official channels on a global level.
To get unsuspecting users to download them, these malicious apps use names, logos and designs that are very similar to official financial apps. They’re also promoted through fake ads on social media sites.
Here’s everything you need to know about these 15 new SpyLoan apps and how you can avoid falling victim to them and similar scams online.
Delete these apps right now
When you take a look at the list of predatory loan apps below, you’ll see that most of them are being used to target Android users in South America, Southern Asia and Africa. Still, scammers could easily create a similar malicious app to target users in the U.S. and find a way to get it listed on an official app store.
If you have any of these apps installed, it’s highly recommended that you manually delete it from your phone. While Google Play Protect and the best Android antivirus apps can catch malicious apps spreading malware, apps like these can be harder to detect since their malicious activity is usually handled outside the app itself.
Here’s the full list of all 15 recently discovered SpyLoan apps along with how many times they’ve each been downloaded:
App name | Downloads |
Préstamo Seguro-Rápido, Seguro | 1 million |
Préstamo Rápido-Credit Easy | 1 million |
Get Baht Easily - Quick Loan (ได้บาทง่ายๆ-สินเชื่อด่วน) | 1 million |
RupiahKilat-Dana cair | 1 million |
Borrow Happil - Loan (ยืมอย่างมีความสุข – เงินกู้) | 1 million |
Happy Money (เงินมีความสุข – สินเชื่อด่วน) | 1 million |
KreditKu-Uang Online | 500 thousand |
Dana Kilat-Pinjaman kecil | 500 thousand |
Cash Loan-Vay tiền | 100 thousand |
RapidFinance | 100 thousand |
PrêtPourVous | 100 thousand |
Huayna Money – Préstamo Rápido | 100 thousand |
IPréstamos: Rápido Crédito | 100 thousand |
ConseguirSol-Dinero Rápido | 100 thousand |
ÉcoPrêt Prêt En Ligne | 100 thousand |
SpyLoan apps hiding in plain sight
SpyLoan apps like the ones listed above use the promise of quick and flexible loans — often with low rates and minimal requirements — to trick unsuspecting users into downloading them and filling out their personal and financial information.
Instead, they’re primarily designed to collect as much personal information as possible on potential victims. From there, the scammers behind the apps use this info to harass and extort users into paying incredibly high and predatory interest rates on what little money they do receive.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
The predatory loan apps I’ve covered in the past often gave victims some but not all of the money they were approved for. They then had a very short amount of time to repay their loan in full before constantly badgered with harassing messages and phone calls.
In its blog post, McAfee’s researchers point out that most SpyLoan apps have the same or a similar onboarding process in which victims are presented with a list of nearly identical privacy terms to which they have to agree in order to proceed. These terms describe and justify why so much sensitive data has to be collected by the app. However, no bank would require this much data or these kinds of sensitive permissions on one of the best Android phones.
It’s worth noting that many of these 15 SpyLoan apps share the same command and control (C2) infrastructure for data exfiltration. As such, it’s highly likely that the same developer or group of cybercriminals is behind all of them.
Besides hidden fees and high interest rates, installing one of these SpyLoan apps could also lead to unauthorized charges on your financial accounts. Likewise, your personal information could be sold to third parties or even used for blackmail purposes if you don’t repay your loan as quickly as the scammers want you to. At the end of its blog post, McAFee shares some of the experiences that victims had to deal with. From threatening calls and death threats to their friends and family being sent harassing messages, the scammers behind these predatory loan apps will go to extreme lengths.
How to stay safe from dangerous apps
If an app or what it offers seems too good to be true, steer clear and avoid downloading it altogether. However, if you are curious, there are a few dead giveaways that an app might be malicious.
For starters, you want to check an app’s rating and reviews. Many of these SpyLoan apps have loads of one star reviews and ratings that warn others to avoid them at all costs. As app ratings and reviews can be faked, it’s always a good idea to look elsewhere too. Video reviews are great as they show the app in question in action but written ones can provide a lot of useful info too. If there aren’t any external reviews for a particular app, it’s better to avoid downloading it. You should also look into the developer and check out their other apps just to be safe.
When you do install new apps on your phone, make sure to pay close attention the first time you run it. Most apps ask for permissions to do what they’re intended to do but malicious apps will ask for access to even more of them and ones that don’t really make sense. For example, a flashlight app doesn’t need access to your contacts or to your phone’s dialer. If an app asks for permission to use Android’s accessibility services, this can be a major red flag as hackers often abuse this feature to make their malware more powerful.
Another important thing that will help keep your Android phone safe is to install the latest updates as soon as they become available. Hackers love to prey on users running outdated software and even those small monthly updates can contain security patches and other fixes.
SpyLoan apps likely won’t be going anywhere anytime soon given how profitable they can be for scammers. This is why you need to be extra careful when downloading new apps onto your Android phone or tablet and this is especially true if you share devices with young children.
More from Tom's Guide
Anthony Spadafora is the managing editor for security and home office furniture at Tom’s Guide where he covers everything from data breaches to password managers and the best way to cover your whole home or business with Wi-Fi. He also reviews standing desks, office chairs and other home office accessories with a penchant for building desk setups. Before joining the team, Anthony wrote for ITProPortal while living in Korea and later for TechRadar Pro after moving back to the US. Based in Houston, Texas, when he’s not writing Anthony can be found tinkering with PCs and game consoles, managing cables and upgrading his smart home.