Cyber Attack cyber

Google Play

Feb 26, 2025 1 min read
Google Play

The SpyLend malware disguised as a financial app under the name 'Finance Simplified' targeted users on Google Play. Using the guise of providing easy loans, the app exploited permissions to access personal data, leading to blackmail, harassment, and the creation of fake nudes for extortion. With over 100,000 downloads, the impact was significant, resulting in negative reviews and reports of data misuse. The app's actual intent was to siphon sensitive information such as contacts, call logs, and photos, for malicious purposes. Despite reports, the app remained available for download, doubling its reach within a week, and compromising user privacy and financial security.

Source: https://securityaffairs.com/174540/malware/spylend-android-malware-100k-downloard.html

TPRM report: https://scoringcyber.rankiteo.com/company/google-play

"id": "goo000022625",
"linkid": "google-play",
"type": "Cyber Attack",
"date": "2/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 100000,
                        'industry': 'Technology',
                        'name': 'Google Play Users',
                        'type': 'Individuals'}],
 'attack_vector': 'Mobile Application',
 'data_breach': {'type_of_data_compromised': ['Contacts',
                                              'Call Logs',
                                              'Photos']},
 'description': 'The SpyLend malware disguised as a financial app under the '
                "name 'Finance Simplified' targeted users on Google Play. "
                'Using the guise of providing easy loans, the app exploited '
                'permissions to access personal data, leading to blackmail, '
                'harassment, and the creation of fake nudes for extortion. '
                'With over 100,000 downloads, the impact was significant, '
                'resulting in negative reviews and reports of data misuse. The '
                "app's actual intent was to siphon sensitive information such "
                'as contacts, call logs, and photos, for malicious purposes. '
                'Despite reports, the app remained available for download, '
                'doubling its reach within a week, and compromising user '
                'privacy and financial security.',
 'impact': {'data_compromised': ['Contacts', 'Call Logs', 'Photos'],
            'systems_affected': 'Mobile Devices'},
 'initial_access_broker': {'entry_point': 'Mobile Application'},
 'motivation': ['Blackmail', 'Harassment', 'Extortion'],
 'title': 'SpyLend Malware Incident',
 'type': 'Malware',
 'vulnerability_exploited': 'Excessive Permissions'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.