Security News > 2023 > December > SpyLoan Android malware on Google Play downloaded 12 million times
More than a dozen malicious loan apps, which are generically named SpyLoan, have been downloaded more than 12 million times this year from Google Play but the count is much larger since they are also available on third-party stores and suspicious websites.
Since the start of the year, cybersecurity company ESET, a member of the App Defense Alliance dedicated to detecting and eradicating malware from Google Play, has discovered 18 SpyLoan apps.
Google reacted to ESET's reporting and removed 17 of the malicious apps, while one of them is now available with a different set of permissions and functionality and is no longer detected as a SpyLoan threat.
To defend against the SpyLoan threat, only trust established financial institutions, carefully review the requested permissions upon installing a new app, and read user reviews on Google Play, which often contain clues about the fraudulent nature of the app.
Google Play adds security audit badges for Android VPN apps.
Avast confirms it tagged Google app as malware on Android phones.
News URL
Related news
- Google adds Android auto-reboot to block forensic data extractions (source)
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)
- Update ASAP: Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers (source)
- Google fixes actively exploited FreeType flaw on Android (source)
- Google links new LostKeys data theft malware to Russian cyberspies (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google’s Advanced Protection Now on Android (source)
- Google strengthens secure enterprise access from BYOD Android devices (source)