Researchers discover 300 predatory loan apps on Google Play Store and Apple App Store

Share post:

Lookout researchers discovered approximately 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment after previously promising quick loans at reasonable rates.

These mobile loan apps were mostly found in Southeast Asian and African countries, including India, Colombia, Indonesia, Kenya, Mexico, Nigeria, the Philippines, Thailand, and Uganda.

More than 251 Android apps were discovered in the Google Play marketplace and downloaded more than 15 million times, while 35 iOS apps in the Apple Store were discovered to be among the top 100 financial apps in regional stores.

They provide quick, fully digital loan approvals with fair loan terms. In reality, they take advantage of victims’ desire for quick cash to entice them into predatory loan contracts and force them to hand over sensitive information such as contacts and SMS messages.

In some cases, the data exfiltrated from the device was used to extort borrowers by threatening to reveal the data or debt information to their contacts.

“In addition to predatory requests for excessive permissions, many of the loan operators engage in scam-like behavior,” according to the report. According to the report, a number of users have reported that their loans have hidden fees, high interest rates, and repayment terms that are far less favorable than what is advertised on app stores.

The sources for this post include an article in TheRegister.

SUBSCRIBE NOW

Related articles

Anthropic Warns: AI “Virtual Employees” Could Pose Security Risks Within a Year

Anthropic, a leading artificial intelligence company, anticipates that AI-powered virtual employees could begin operating within corporate networks as...

Hertz Data Breach Exposes Customer Information via Supply Chain Hack

Hertz has disclosed a data breach resulting from a cyberattack on its vendor, Cleo Communications, which compromised sensitive...

Google’s New Security Feature – Automatic Reboot

Google is introducing a new security feature in its latest Android update that will automatically reboot phones and...

Cybersecurity Firm Prodaft Buys Hacker Forum Accounts to Monitor Cybercriminal Activity

Swiss cybersecurity company Prodaft has initiated a program to purchase verified and aged accounts on hacking forums, aiming...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways