A Study Reveals Loan Apps Violating Privacy of Millions of Mexicans
Written in ECONOMY,
Introduction
A recent study conducted by ESET Latin America, a specialized technological security company, has uncovered a concerning issue regarding loan applications that have violated the private information of millions of Mexicans. These applications have been downloaded a staggering 12 million times.
The Scope of the Issue
According to the study, at least 18 malicious lending applications, which were available on the Google Play Store, were found to be operating in multiple countries including Mexico, Indonesia, Thailand, Vietnam, India, Pakistan, Colombia, Peru, Philippines, Egypt, Kenya, Nigeria, and Singapore.
These apps had access to sensitive information such as call logs, calendar events, device information, lists of installed applications, local Wi-Fi network details, and even files stored on the smartphones. This was made possible through the use of the SpyLoan code.
The Identified Applications
The following loan applications were found to be involved:
- AA Kredit (com.aa.kredit.android)
- Amor Cash: Loans Without Bureau (com.amorcash.credito.prestamo)
- Gold Loan – Fast Cash (com.app.lo.go)
- Cashwow (com.cashwow.cow.eg)
- CrediBus Credit loans (com.dinero.profin.prestamo.credito.credit.credibus.loan.efectivo.cash)
- CreditLoans-GuavaCash (com.guava.cash.credit.mx.tala)
- Credit Loans-YumiCash (com.loan.cash.credit.tala.prestmo.fast.branch.mextamo)
- Go Credit (com.mlo.xango)
- Instant Loan (com.mmp.optima)
- Big letter (com.mxolp.postloan)
- Fast Credit (com.okey.prestamo)
- Finupp Lending (com.shuiyiwenhua.gl)
- 4S Cash (com.swefjjghs.weejteop)
- TrueNaira – Online Loan (com.truenaira.cashloan.moneycredit)
- EasyCash (king.credit.ng)
Actions Taken by Google Play
Upon discovering the malicious nature of these applications, Google Play has removed 17 of them from its catalog. The last identified application underwent changes to its permissions and functionality by the American company, making it undetectable as an application with SpyLoan.
Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Laboratory, emphasized, «It is important to note that each instance of a SpyLoan application, regardless of its origin, behaves identically. If users download an application, they will experience the same functions and face the same risks, regardless of where they obtained the application from.»
The Origin of SpyLoan
ESET Research began tracking the malicious SpyLoan scheme in 2020. According to Fabio Assolini, director of the Global Research and Analysis Team for Latin America at Kaspersky, SpyLoan disguises itself within applications that are spread through advertisements on social networks.