Breach cyber

Google

Dec 1, 2024 1 min read
Google

McAfee researchers discovered 15 SpyLoan Android apps on Google Play that had been downloaded over 8 million times. These apps targeted users mostly in South America, Southeast Asia, and Africa by masquerading as legitimate financial aid applications. They implemented social engineering techniques to extort sensitive user data and permissions that could lead to harassment and financial loss. The malicious activities promoted through deceptive ads led users to install apps that exploit personal data. Once installed, the apps asked for inappropriate permissions, resulting in various privacy infringements. Victims were subjected to intimidation and threats, with one operation linked to a call center in Peru harassing over 7,000 individuals across multiple countries.

Source: https://securityaffairs.com/171553/cyber-crime/15-spyloan-android-apps-on-google-play.html

TPRM report: https://scoringcyber.rankiteo.com/company/google

"id": "goo000120124",
"linkid": "google",
"type": "Breach",
"date": "11/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '8 million',
                        'industry': 'Technology',
                        'location': 'Global',
                        'name': 'Google Play',
                        'type': 'App Store'}],
 'attack_vector': 'Malicious Apps',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Data',
                                              'Sensitive User Data']},
 'description': 'McAfee researchers discovered 15 SpyLoan Android apps on '
                'Google Play that had been downloaded over 8 million times. '
                'These apps targeted users mostly in South America, Southeast '
                'Asia, and Africa by masquerading as legitimate financial aid '
                'applications. They implemented social engineering techniques '
                'to extort sensitive user data and permissions that could lead '
                'to harassment and financial loss. The malicious activities '
                'promoted through deceptive ads led users to install apps that '
                'exploit personal data. Once installed, the apps asked for '
                'inappropriate permissions, resulting in various privacy '
                'infringements. Victims were subjected to intimidation and '
                'threats, with one operation linked to a call center in Peru '
                'harassing over 7,000 individuals across multiple countries.',
 'impact': {'data_compromised': True, 'identity_theft_risk': True},
 'initial_access_broker': {'entry_point': 'Google Play Store'},
 'motivation': 'Financial Gain',
 'title': 'SpyLoan Android Apps Incident',
 'type': 'Malware'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.