The SpyLend malware, distributed through Google Play as the app 'Finance Simplified', targeted Indian users and facilitated financial crimes. Infected over 100,000 devices, the malware offered fake loan applications that captured extensive personal data, including contacts, call logs, and photos. This accessed sensitive information was then utilized for blackmail and extortion, with some cases involving manipulated victims' photos. Despite negative reviews on Google Play, the app's rapid download growth within a week and the misuse of personal data for predatory practices highlight a significant lapse in app store security and user safety.
Source: https://securityaffairs.com/174540/malware/spylend-android-malware-100k-downloard.html
"id": "goo000022825",
"linkid": "google",
"type": "Cyber Attack",
"date": "2/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"