SpyLoan Apps Installed on Over 8 Million Android Phones Amidst Rise in Predatory Loan Apps

Predatory loan apps can bring a lot of trouble for unsuspecting users, and malicious actors continue to release new malware versions, despite efforts taken by platforms like Google to clamp down on these nefarious apps. A security firm has now detected 15 apps that are infected by ‘SpyLoan’, a potentially unwanted program (PUP) that has continued to grow since 2020. Google has suspended some of the affected apps, but users who have already downloaded them on their handsets will have to perform a manual uninstall.

Fifteen SpyLoan Apps Found Installed on Android Phones

McAfee’s mobile research team identified 15 SpyLoan apps on the Play Store — these are a form of nefarious predatory loan apps that affect Android smartphones. These apps were installed on over 8 million Android devices, according to the security firm. Some of these apps were either suspended or updated after the report was published.

Some of the SpyLoan apps detected on the Play Store
Photo Credit: McAfee

These SpyLoan apps typically request several permissions once they are installed on a user’s smartphone and begin to collect vast amounts of personal information. This data is encrypted before it is exfiltrated to a command-and-control server. These apps also share a common framework and code, and they present a similar user flow — including asking for a one-time password (OTP) — according to the firm.

Despite using logos that and names that mimic reputable apps, these SpyLoan apps reportedly managed to bypass the checks performed by Google before it allows apps on the Play Store. They also lure users with the promise of quick and easy loans, while using a countdown timer to push them to sign up. 

Several one-star reviews of some of these apps on the Play Store contain complaints from users who have received threatening calls and messages from recovery agents. Some of these users also allege that they were threatened with modified images stolen from their devices.

Users are prompted to act quickly using fake countdowns
Photo Credit: McAfee

According to McAfee, India leads the list of countries that had the highest prevalence of fake loan apps in Q3 2024. The other countries, in order, are Mexico, Philippines, Indonesia, Thailand, Kenya, Colombia, Vietnam, Chile, and Nigeria.

It’s worth noting that the RBI and the Finance Ministry have taken action against several apps in India over the past couple of years. However, McAfee’s mobile research team states that the number of these apps continues to increase despite efforts from government agencies.

Users can check their smartphones for any of the apps listed below. If these apps are still installed, they must be manually removed from the handset in order to cut off access to their personal information. Users should also limit themselves to installing well known apps on their devices, to minimise the risk posed by these applications.