Cloud security company Lookout has uncovered nearly 300 loan apps circulating on Apple's App Store and Google Play that exhibit predatory behavior, such as exfiltrating excessive user data from mobile devices and harassing borrowers for repayment.
The apps, which were found in Africa and Southeast Asia, as well as India, Colombia, and Mexico, purportedly offer quick, fully-digital loan approvals with reasonable loan terms. In reality, says Lookout, they exploit victims’ desire for quick cash in an attempt to ensnare borrowers into predatory loan contracts and require them to grant access to sensitive information on their device such as contacts, phone history, and SMS messages.
Victims have reported that their loans came with hidden fees, high interest rates, and repayment terms that were much less favourable than what was posted on the app stores. Lookout Threat Lab also found evidence that the data exfiltrated from devices was sometimes used to pressure the customer for repayment: a common threat tactic is to disclose a borrower’s debt or other personal information to their network of contacts.
In total, Lookout researchers uncovered 251 Android apps on the Google Play Store with more than 15 million collective downloads. The team also identified 35 apps on the Apple App Store that were in the top 100 finance apps in their regional stores. All of the apps have now been taken offline after Lookout made contact with Apple and Google.
Ruohan Xiong, senior security intelligence researcher, Lookout, comments: “As these predatory loan apps have demonstrated, app permissions could easily be abused if users are not careful. While there are likely dozens of independent operators involved, all of these loan apps have a very similar business model - to trick victims into unfair loan terms and then extort payment.”