Lookout researchers discovered approximately 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment after previously promising quick loans at reasonable rates.
These mobile loan apps were mostly found in Southeast Asian and African countries, including India, Colombia, Indonesia, Kenya, Mexico, Nigeria, the Philippines, Thailand, and Uganda.
More than 251 Android apps were discovered in the Google Play marketplace and downloaded more than 15 million times, while 35 iOS apps in the Apple Store were discovered to be among the top 100 financial apps in regional stores.
They provide quick, fully digital loan approvals with fair loan terms. In reality, they take advantage of victims’ desire for quick cash to entice them into predatory loan contracts and force them to hand over sensitive information such as contacts and SMS messages.
In some cases, the data exfiltrated from the device was used to extort borrowers by threatening to reveal the data or debt information to their contacts.
“In addition to predatory requests for excessive permissions, many of the loan operators engage in scam-like behavior,” according to the report. According to the report, a number of users have reported that their loans have hidden fees, high interest rates, and repayment terms that are far less favorable than what is advertised on app stores.
The sources for this post include an article in TheRegister.
