Blackmail, threats… How Android applications blackmail their users

Malicious Android apps seek to extort money from their users. To convince their victims to pay colossal sums, hackers threaten to disclose private information, including intimate photos.

Zimperium cybersecurity experts discovered the trace ofabout thirty Android applications malicious on the web. According to the researchers, the apps are part of a larger campaign called MoneyMonger. As the name suggests, the apps are designed to trick people looking for an emergency loan.

Quick loans in a few clicks

To lure their victims, Android apps promise fast loans in just a few clicks. After installing the app, the victim will be prompted to complete a loan application. When filling out the form, the malicious application will claim many Android permissions, such as access to the camera, GPS, SMS and files stored on the memory. Users often neglect to pay attention to the requirements of the app in order to obtain the loan as soon as possible.

Once the permissions have been accepted, the software will seize a plethora of sensitive data on users. The hackers will in particular collect the geolocation of the phone, the SMS exchanged, the list of contacts, the call logs, the files, the photos and the audio recordings. This data is sent to a remote server controlled by hackers. This is where the trap closes.

Read also : Beware, “zombie” Android apps are spreading to smartphones

Harassment and Penalties

With this information, the application will put pressure on his victims so that they repay the loans contracted. Of course, the interest rates are colossal. In some cases, the scammers behind MoneyMonger even use the collected information to coerce a user into taking out a loan. In case of refusal, cybercriminals threaten to disclose private data obtained during the installation of the application, such as intimate photos.

If the victim does not pay on time, and sometimes even after the loan is repaid, malicious actors will threaten to reveal information, call people from the contact list and even send stolen photos “says Zimperium.

Back to the wall, some victims then agree to repay loans at very high interest rates. In the event of payment default, the applications charge penalties. The victims are thus caught in the spiral of debt. During its investigation, Zimperium consulted the testimonies of several victims of MoneyMonger. Sometimes pirate targets say they are ready to commit suicide to escape their blackmailer.

According to Richard Melick, director of intelligence at Zimperium, more and more malicious actors are harassing Internet users to extort money. The expert speaks of a “increasing trend”. Unsurprisingly, hackers mostly target people whose the financial situation is precarious. In this way, the targets have no other recourse than to comply with the demands of the scammer.

Applications identified by Zimperium are not available on the Google Play Store. They are only accessible on alternative shops or APK stores. To spread apps, hackers rely on online advertisements or compromised websites.

Nevertheless, we also find malicious loan applications on official stores, such as the Play Store or the Apple App Store. Last month, lookout seekers we discovered 300 applications having predatory behavior such as abusive data exfiltration. In addition, most of the loans offered had hidden fees, high interest rates and unfavorable repayment conditions for the contractors. Otherwise, the operating mode of the apps was similar to that of the applications identified by Zimperium.

Source :


We wish to say thanks to the writer of this article for this incredible web content

Blackmail, threats… How Android applications blackmail their users

You can find our social media profiles , as well as the other related pages