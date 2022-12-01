



About 300 apps downloaded by about 15 million users have been removed from Google Play and Apple’s app stores. These apps allegedly promised quick loans at reasonable interest rates but used extortion and other predatory schemes against borrowers.

Loans came with hidden fees and high interest rates, increased payments, and apps demanded sensitive information on mobile devices. This included his SMS messages, photos, call history and contact list, which were used against the victim, according to researchers at cybersecurity vendor Lookout.

In some cases, data stolen from devices was used to extort borrowers by threatening to disclose debt-related data and information to their contacts, the researchers wrote in the report.

In total, over 251 Android apps were found on the Google Play souq, with a total of over 15 million downloads, and 35 iOS apps were downloaded on the Apple Store.

Lookout said Wednesday that it has contacted Google and Apple about the app, neither of which is yet available for download.

Chris Clements, vice president of solutions architecture at Cerberus Sentinel, told The Register.

According to Statista, there were about 4 million apps on the Apple Store and over 2.6 million on Google Play.

Such predatory lending apps have been a problem for some time. As we reported earlier this month, India’s Home Ministry has directed state governments to crack down on an illegal lending app it said has led to multiple suicides by borrowers who were harassed and threatened to pay back.

In the first half of this year, Google reportedly removed 2,000 loan apps from the Indian Play store.

Lookout researchers wrote in their report that there are likely dozens of independent operators behind the app, only some of which share a code base. However, all apps followed a similar pattern of tricking victims into unfair loan terms and threatening borrowers to repay.

Although the scammers’ origins could not be determined, the app targeted users in developing regions such as Africa, Southeast Asia, India, Colombia, and Mexico. Financial regulation in such countries tends to be lax and poorly enforced, and some people have low incomes and easy access to mobile apps.

“The focus on developing countries may also explain why we found more loan fraud apps on Android than on iOS,” the researchers wrote. “Outside the US, Android is much more popular, accounting for over 70% of the market. One reason is the availability of his Android devices at very low prices.”

After downloading the app, users were required to provide loan-specific information such as name, address, and work history. However, I was also told to grant permission to data on the device. Many of the apps started stealing contact information as soon as they were given permission.

Victims receive a portion of the loan they apply for, unlike similar scams, but with a fee equal to one-third of the amount borrowed. Very high interest rates were then applied and borrowers were told to repay the loans within days, many of which were against the loan details promised by the Lord App.

“This approach has the advantage of a veil of legitimacy that allows perpetrators to hide behind complex and unethical terms and conditions,” Clements said. “Not only does this potentially convince victims that the scam is perfectly legal, but it also potentially offsets liability from authorities who react very differently to traditional forms of online fraud. there is.”

Loan app scams can consume time and resources, but “there’s a bigger payoff in extorting victims,” ​​says James McQuiggan, a security awareness advocate at KnowBe4 in The Register. is talking to

“Just like in the business world, cybercriminals invest in things that yield high returns. With high interest rates and extortion on victims, they tried to get their money back from the first 10 victims. And then the money started coming in for them.”

Sources 1/ https://Google.com/ 2/ https://www.theregister.com/2022/12/01/apple_google_predatory_loans/

