Indian users exposed to data theft and extortion via "Finance Simplified" spyloan app on Google Play
Summary
A fake financial management app called "Finance Simplified" was downloaded over 100,000 times from the Google Play Store, exposing users to data theft and extortion. The app is linked to the SpyLoan malware family and posed as a legitimate loan service, luring users with attractive loan terms while secretly collecting sensitive personal data. The app redirected users through WebView to an external site hosted on Amazon's servers, allowing it to bypass Google’s security scans. The app specifically targeted users in India and was later removed from Google Play, though it may still be active on infected devices. The data breach could lead to blackmail, prompting victims to update passwords, enable two-factor authentication, and monitor for identity theft.
Incident Details
Unauthorized collection, tracking, or exposure of personal data and private information.
Sources
1This incident is documented by a single source. Source count reflects coverage in our monitored feeds, not the totality of reporting, and we do not evaluate publication quality.