Researchers at Lookout Threat Lab have discovered close to 300 mobile loan applications on Google Play and the Apple App Store that exhibit predatory behavior such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment.
These apps, which were found in Southeast Asian and African countries, as well as India, Colombia, and Mexico, purportedly offer quick, fully digital loan approvals with reasonable loan terms. In reality, they exploit victims’ desire for quick cash to trap borrowers in predatory loan contracts and require them to grant access to sensitive information such as contacts and SMS messages.
In addition to predatory requests for excessive permissions, many of the loan operators exhibit scam-like behavior. A number of users have reported that their loans come with hidden fees, high interest rates, and repayment terms that are much less favorable than what is posted on the app stores.
The researchers also found evidence that the data exfiltrated from devices is sometimes used to pressure borrowers for repayment, by harassing either the customers themselves or their contacts.
In total, the researchers uncovered 251 Android apps on the Google Play store with over 15 million collective downloads. They also identified 35 apps on the Apple App Store that were in the top 100 finance apps in their regional stores. Lookout has been in contact with Google and Apple about these apps, and at the time of publishing, none of them are available for download.
Based on the researchers' analysis, there are likely dozens of independent operators involved, as they only found shared code bases between small batches of apps. That said, all the apps have a very similar business model, which is to trick victims into unfair loan terms and threaten them into paying.