Google Play

Google Play

Over 8 million users had installed 15 SpyLoan Android apps from Google Play which targeted users primarily in South America, Southeast Asia, and Africa. The apps, which were designed to look like legitimate loan-offering financial applications, executed a scam by exploiting social engineering tactics to collect excessive permissions and sensitive user data. This resulted in various consequences including extortion, harassment, and financial losses for the victims. Users were deceived through misleading advertisements, and their personal data was compromised as a result of granting these applications access beyond what a loan app would typically require.

Source: https://securityaffairs.com/171553/cyber-crime/15-spyloan-android-apps-on-google-play.html

TPRM report: https://scoringcyber.rankiteo.com/company/google-play

"id": "goo000120724",
"linkid": "google-play",
"type": "Cyber Attack",
"date": "11/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Over 8 million users',
                        'location': ['South America',
                                     'Southeast Asia',
                                     'Africa'],
                        'name': 'Google Play Users',
                        'size': 'Over 8 million users',
                        'type': 'Individuals'}],
 'attack_vector': 'Mobile Applications',
 'data_breach': {'type_of_data_compromised': 'Personal Data'},
 'description': 'Over 8 million users had installed 15 SpyLoan Android apps '
                'from Google Play which targeted users primarily in South '
                'America, Southeast Asia, and Africa. The apps, which were '
                'designed to look like legitimate loan-offering financial '
                'applications, executed a scam by exploiting social '
                'engineering tactics to collect excessive permissions and '
                'sensitive user data. This resulted in various consequences '
                'including extortion, harassment, and financial losses for the '
                'victims. Users were deceived through misleading '
                'advertisements, and their personal data was compromised as a '
                'result of granting these applications access beyond what a '
                'loan app would typically require.',
 'impact': {'data_compromised': 'Personal Data',
            'systems_affected': 'Mobile Devices'},
 'initial_access_broker': {'entry_point': 'Mobile Applications'},
 'motivation': 'Financial Gain, Data Theft',
 'post_incident_analysis': {'root_causes': 'Excessive Permissions, Social '
                                           'Engineering'},
 'title': 'SpyLoan Android Apps Scam',
 'type': 'Social Engineering, Data Breach',
 'vulnerability_exploited': 'Excessive Permissions'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.