Malicious Apps Targeting Mobile Users

Explore malicious digital lending mobile applications (Apps) targeting Android users. Malware can infect your mobile device and compromise your personal data, privacy, and security. Avoid clicking on malicious links or attachments in your mobile device’s email or messages.

Resurgence in Cyberbullying by Digital Lending Mobile Application Owners

The Cyber Security Authority (CSA) has noted a resurgence in cyberbullying experienced by users of digital lending mobile applications (Apps).

Modus Operandi

When a user installs the App, an amount is automatically credited into the user’s mobile money wallet even without an actual loan request.

One week after disbursing the loan, the fraudsters use extortion tactics including:

  • Demanding loan repayment with high interest rates from the victim or an associate, and threatening to circulate actual or fabricated nude photos of the victim on social media.
  • Threatening to label the victim as a thief or wanted criminal.
  • Even after victims repay, some fraudsters continue to demand additional payments.

Findings

The Apps that have been identified to be malicious include:

  • Ahomka Loan,
  • Antcredit,
  • Beanloan,
  • Bestioan,
  • BezoMoney,
  • Boomloan,
  • Casharrow,
  • Cashwave,
  • Cmgh loan,
  • Cosycredit,
  • Credit Bag,
  • Divacash,
  • Express Loan,
  • Five loan,
  • FullCredit,
  • Homecredit,
  • Itapcredit,
  • Kashby,
  • Lever credit,
  • Leverloan,
  • Lightscience,
  • Loanfast,
  • MegaCredit,
  • Minaloan,
  • Mixloan,
  • Omansika,
  • Ozzy money,
  • Pea money,
  • Perfect loan,
  • Poja Credit,
  • Profitloan,
  • Prokash,
  • Roseloan,
  • Safeloan,
  • Starloan,
  • SunTrust,
  • Tipcash,

The Apps are in contravention of the Banks and Specialised Deposit-Taking Institutions Act, 2016 (Act 930) according to the Bank of Ghana (BoG) notice BG/GOV/SEC/2022/10.

In addition, the App owners have not met the compliance obligations of the Data Protection Commission (DPC), and hence their access and use of the data and PII of users violate the Data Protection Act, 2012 (Act 843).

Victims would typically have granted these Apps access to their data (contacts, photos) and personally identifiable information (PII), e.g., Ghana card ID, during installation.

Recommendation

The public is strongly advised against subscribing to these mobile applications since they ARE NOT sanctioned by the Bank of Ghana (BoG) and the Data Protection Commission. Individuals who patronize these services do so at their own risk.

Malicious Apps Targeting Android Users

These malicious applications have been found to contain malware capable of giving attackers control over Android devices. This malware can lead to activities such as information theft, crypto mining, and spying on users by monitoring their activities.

Impact

Once installed, the malware executes and uses WebView to launch URLs to either YouTube or a mobile gaming site named CrazyGames.com. In the background, it abuses its permissions to access locations, SMS messages, contacts, and call logs; make phone calls; take screenshots; and record audio and video. Additionally, the malware degrades performance, causing the device to slow down or freeze occasionally.

The following are known applications carrying malware:
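The permission abuse described above can be checked for before an app is trusted. The following is an added example, not part of the original advisory: it reads permission lines in the style of `aapt dump permissions` output and reports which of the capabilities named above an app requests. The package names, the sample dumps and the flagging threshold of four capabilities are constructed assumptions.

```python
import re

# Capabilities named in the advisory, mapped to the Android manifest
# permissions that gate them. Screenshot capture is not covered here.
CAPABILITY_PERMISSIONS = {
    "location": {"ACCESS_FINE_LOCATION", "ACCESS_COARSE_LOCATION"},
    "SMS messages": {"READ_SMS", "RECEIVE_SMS"},
    "contacts": {"READ_CONTACTS"},
    "call logs": {"READ_CALL_LOG"},
    "phone calls": {"CALL_PHONE"},
    "audio recording": {"RECORD_AUDIO"},
    "video recording": {"CAMERA"},
}
PERMISSION_LINE = re.compile(
    r"^uses-permission(?:-sdk-\d+)?: name='android\.permission\.([A-Z_]+)'")

def requested_permissions(dump: str) -> set:
    """Return the android.permission.* names declared in a permissions dump."""
    found = set()
    for line in dump.splitlines():
        match = PERMISSION_LINE.match(line.strip())
        if match:
            found.add(match.group(1))
    return found

def audit(dump: str, threshold: int = 4) -> dict:
    """List the advisory's capabilities an app requests; flag broad access."""
    perms = requested_permissions(dump)
    hits = sorted(cap for cap, names in CAPABILITY_PERMISSIONS.items()
                  if perms & names)
    # threshold is an assumed cut-off, not a value from the advisory
    return {"capabilities": hits, "flagged": len(hits) >= threshold}

# Constructed sample dumps (hypothetical package names).
SAMPLE_VIEWER = "package: com.example.videoviewer\n" + "\n".join(
    f"uses-permission: name='android.permission.{p}'"
    for p in ("INTERNET", "ACCESS_FINE_LOCATION", "READ_SMS", "READ_CONTACTS",
              "READ_CALL_LOG", "CALL_PHONE", "RECORD_AUDIO", "CAMERA"))
SAMPLE_BENIGN = "package: com.example.puzzle\n" + "\n".join(
    f"uses-permission: name='android.permission.{p}'"
    for p in ("INTERNET", "ACCESS_NETWORK_STATE", "VIBRATE"))

if __name__ == "__main__":
    for label, dump in (("viewer", SAMPLE_VIEWER), ("puzzle", SAMPLE_BENIGN)):
        print(label, audit(dump))
```

An app that only displays web video or games has no functional need for SMS, call-log or contact access, so a flagged result for such an app is a reason not to install it.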

  1. Crazy Game
  2. Sexy Videos
  3. Tik Toks
  4. Weapons

Preventive Measures

  • Avoid downloading the applications listed above and also apps from unofficial sources.
  • Ensure your mobile device is up to date with the latest security patches.
  • Be cautious of suspicious links or attachments in emails or messages.
