Dangerous malware targets you through fake loan app

Some of these apps do not even bother giving loans. They just grab your data and start the harassment. One such app has been making the rounds on the Play Store, racking up more than 100,000 downloads and putting thousands of Android users at risk of blackmail and extortion.

The app surged from 50,000 to 100,000 downloads in a single week despite red flags in user reviews about harassment and blackmail.

Once downloaded, the app requested excessive permissions far beyond what a typical financial app would need, including access to contacts, SMS messages, call logs, photos and location data. This allowed the malware to silently collect personal information from users' devices.

The stolen data fueled a vicious cycle of scams and extortion. SpyLoan apps like SpyLend lure users with attractive loan terms, only to exploit their data for predatory lending practices. If users fail to meet repayment demands, the operators weaponize their information by harassing them, blackmailing them with threats of leaking private photos or contacting their friends and family, and creating a climate of fear and coercion.

In some cases, the extortion escalated to public shaming or even deepfake creation using stolen images, amplifying the psychological and financial toll on victims.

However, it is important to note that Google Play Protect may not be enough. Historically, it isn't 100% foolproof at removing all emerging malware from Android devices.

SpyLend is a serious threat because it steals a huge amount of personal information. It digs into contact lists and call histories, reads text messages, including banking alerts, and grabs photos and videos from storage.

It also collects device details like the model and OS version, tracks location in real time every three seconds, records past locations and IP addresses, and it even saves the last 20 copied texts from the clipboard. On top of that, it gathers financial data like loan histories and banking SMS messages.

This stolen data is not just used for blackmail, as it is often sold to cybercriminals. By preying on people already struggling financially, SpyLend puts nearly every part of their digital lives at risk.

1) Avoid suspicious loan apps: Stick to apps from well-known banks, credit unions or lenders registered with the Consumer Financial Protection Bureau or other regulatory bodies. 

3) Download apps from reliable sources: It's important to download apps only from trusted sources like the Google Play Store. You might say I am contradicting myself, but Play Store is still safer than other options out there. They have strict checks to prevent malware and other harmful software. However, even with the security measures provided by Google Play, downloading apps from the store does not guarantee 100% protection against malware or harmful software. Avoid downloading apps from unknown websites or unofficial stores, as they can pose a higher risk to your personal data and device. Never trust download links that you get through SMS.

4) Review app permissions carefully: If an app asks for unnecessary permissions, like access to your contacts, call logs or storage, do not install it. A legitimate loan app should only require essential permissions related to financial transactions.

5) Check reviews and red flags: Before installing any financial app, read user reviews carefully. If multiple people report harassment, blackmail or excessive permissions, avoid the app entirely.

The promise of quick and easy money can be tempting, especially during tough times, making it easy to fall for these scams. However, there are safer and more reliable ways to take loans. As a general rule, it is best to avoid borrowing money through online apps unless they are from well-known financial institutions. Google also needs to take responsibility for allowing SpyLoan apps on the Play Store, even when user reviews clearly indicate they are malicious.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.