Google Play

Google Play was found to host 15 SpyLoan Android apps, accumulating over 8 million installs, targeting users primarily in South America, Southeast Asia, and Africa. These apps, mimicking legitimate financial service providers, tricked users into providing sensitive data under the guise of offering quick and easy loans. Users were lured through social media ads and deceptive marketing into downloading the apps, which then requested extensive permissions leading to excessive data access. Malicious actors exploited this information for extortion and harassment, causing significant financial loss and personal distress for the affected individuals. Resultant actions from these breaches include threats, misuse of personal data, and intensive spamming of victims' contacts.

Source: https://securityaffairs.com/171553/cyber-crime/15-spyloan-android-apps-on-google-play.html

"id": "goo001120824",
"linkid": "google-play",
"type": "Ransomware",
"date": "11/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"