Google has wiped 17 malicious apps from its Google Play Store, but that doesn't automatically mean that you are safe. That's because if you've previously installed any of these dangerous Android apps, they will continue to exist on your phone or tablet and could harvest sensitive information.
Google will not delete apps that have been downloaded to your handset — by removing them from the Play Store, the Californian giant only prevents others from downloading them for the first time.
Experts at cybersecurity firm ESET first identified the 18 predatory Android apps, which had been collectively downloaded over 12 million times. However, one of these applications changed its underlying code, enabling it to return to the Play Store, so there are only 17 that experts believe users should be concerned about.
Each of these apps claimed to offer speedy access to loans, but behind the scenes, the software was actually harvesting personal information from your Android phone or tablet. None of the apps offered the ability to apply for a loan via a website since loading up Google Chrome (or any other Android browser) wouldn't present the same opportunities to steal buckets of sensitive data from your device.
According to ESET, the personal information and photos stolen by the app would be used to blackmail and harass those unfortunate enough to have downloaded the malicious software.
In one instance, the developers behind the app threatened to release photographs and videos stolen from the phone on social media unless the owner of the Android device paid a ransom.
The loan apps were listed on the Google Play Store, which adds a sense of legitimacy to the dangerous software. However, there were some tell-tale signs, like the lack of any reviews
GOOGLE PLAY STORE | ESET
To siphon the personal data needed to blackmail Android users, the apps arrive with misleading privacy policies that attempt to explain why an application to issue loans would need permissions to access photos, videos, camera, calendar, contacts, and a complete history of your calls and text messages.
In a company blog about the latest crop of malicious Android apps, ESET Malware Researcher Lukas Stefanko wrote: "Since the beginning of 2023, ESET researchers have observed an alarming growth of deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access to funds.
"Despite their attractive appearance, these services are in fact designed to defraud users by offering them high-interest-rate loans endorsed with deceitful descriptions, all while collecting their victims’ personal and financial information to blackmail them, and in the end gain their funds."
Even if you were one of the lucky ones who wasn't targetted by the blackmail and harassing messages, these apps acted as a form of modern-day digital usury, which refers to the charging of excessive interest rates on loans, taking advantage of vulnerable individuals with urgent financial needs or those with very limited access to mainstream financial institutions.
Social media campaigns promoting the apps as a legitimate way to access loans helped to push these dangerous apps to 12 million downloads, researchers say.
The Android apps were designed to target users in Mexico, Indonesia, Thailand, Vietnam, India, Pakistan, Colombia, Peru, the Philippines, Egypt, Kenya, Nigeria, and Singapore. All of these countries have laws that govern private loans, including the interest rates that can be offered to users, so ESET researchers aren't entirely sure why these specific countries were targeted.
"At the time of writing, we haven’t seen an active campaign targeting European countries, the USA, or Canada," Stefanko reassures.
Security experts always advise sticking with the official source when downloading an app. For example, if you're looking to download a loan app, it's worth checking the provider's website or social media channels to see whether they even offer a mobile app.
If so, there should be a link to the legitimate software on the Google Play Store or Apple App Store.
Pay close attention to the reviews on software — as well as the permissions requested by the app. Do these seem proportionate? Ask yourself why the app would even need access to certain data to perform its functions.
ESET warns: "It is crucial for individuals to exercise caution, validate the authenticity of any financial app or service, and rely on trusted sources. By staying informed and vigilant, users can better protect themselves from falling victim to such deceptive schemes."
The full list of Android apps identified by researchers follows below. You'll only need to take action if you've previously downloaded this software onto your devices, otherwise, the removal from the Play Store by Google will protect you from running into these malicious apps in future.
LATEST DEVELOPMENTS
This isn't the first time cybersecurity experts have stumbled across a worrying scheme like this. Starting in 2020, researchers identified a bombardment of over 300 apps across Android and iOS that exploited the current cost-of-living crisis to pressure individuals into predatory loan contracts and often allowed the software to access extremely sensitive information, like contact details and text messages. Those apps were identified as part of a joint operation by Kaspersky, Lookout, and Zimperium.
