Ransomware cyber

Google Play

Feb 25, 2025 1 min read
Google Play

Google Play was infiltrated by the SpyLend Android malware, affecting 100,000 users, predominantly in India. This malicious app, disguised as 'Finance Simplified,' deceived users by offering easy loans while harvesting excessive permissions. The malware not only stole personal data such as contacts, call logs, photos, and location but also enabled operators to blackmail users through the creation of phony nudes. It represents a significant privacy breach and reveals the platform's vulnerability to hosting apps that facilitate financial crimes and psychological manipulation.

Source: https://securityaffairs.com/174540/malware/spylend-android-malware-100k-downloard.html

TPRM report: https://scoringcyber.rankiteo.com/company/google-play

"id": "goo000022525",
"linkid": "google-play",
"type": "Ransomware",
"date": "2/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '100,000 users, predominantly in '
                                              'India',
                        'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Google Play',
                        'type': 'Platform'}],
 'attack_vector': 'Malicious App',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '100,000',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Contacts',
                                              'Call Logs',
                                              'Photos',
                                              'Location']},
 'description': 'Google Play was infiltrated by the SpyLend Android malware, '
                'affecting 100,000 users, predominantly in India. This '
                "malicious app, disguised as 'Finance Simplified,' deceived "
                'users by offering easy loans while harvesting excessive '
                'permissions. The malware not only stole personal data such as '
                'contacts, call logs, photos, and location but also enabled '
                'operators to blackmail users through the creation of phony '
                'nudes. It represents a significant privacy breach and reveals '
                "the platform's vulnerability to hosting apps that facilitate "
                'financial crimes and psychological manipulation.',
 'impact': {'data_compromised': ['Contacts',
                                 'Call Logs',
                                 'Photos',
                                 'Location']},
 'initial_access_broker': {'entry_point': 'Google Play'},
 'motivation': ['Data Theft', 'Blackmail'],
 'title': 'SpyLend Android Malware Infiltration',
 'type': 'Malware Infiltration',
 'vulnerability_exploited': 'Excessive Permissions'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.