Security
Headlines
HeadlinesLatestCVEs

Headline

Threatening rogue finance apps removed from the Apple Store

Categories: Personal Tags: app

Tags: finance

Tags: india

Tags: loan

Tags: rogue

Tags: Apple Store

Tags: play store

Tags: google

Tags: threaten

Tags: blackmail

Tags: sextortion

Tags: fake

Tags: deepfake

Tags: deepfakes

Tags: morph

Multiple finance apps have been removed from the App Store after making dubious charges and issuing blackmail threats and other awful behavior.

(Read more…)

The post Threatening rogue finance apps removed from the Apple Store appeared first on Malwarebytes Labs.

Malwarebytes
#web#apple#google#git#ssl

Multiple apps have been removed from the App Store in India after a large helping of unethical behaviour was aimed at their users. TechCrunch reports that “Pocket Kash, White Kash, Golden Kash, and OK Rupee” among others were taken down after getting close to the top 20 finance app listing spots. The reason? These finance apps came with dubious charges and a chilling line in blackmail and threatening behaviour.

Here’s a user review from a month or so ago:

“I borrowed an amount in a helpless situation and […] a day before repayment due date I got some messages with my pic and my contacts in my phone saying that repay your loan otherwise they will inform our contacts that you r not paying loan."

While this sets the scene for the behaviour which ultimately had the apps taken down, worse was still to come.

Someone reached out to an individual working in media with a very disturbing message related to one of the apps. In it, their friend’s sister took out a loan and was met with threats to send “her nude pics” to her contacts. The nudes weren’t real: they’d been “morphed”, according to the message sender. We assume they mean a deepfake, which are of course notoriously easy to create either via specialist websites or apps.

Wtf is this, a personal loan app called Kash is threatening to send morphed nude photos of their customer to her entire contact list?! pic.twitter.com/5LcsukVgef

— Sandhya Ramesh (@sandygrains) July 3, 2023

Some of the apps were also impersonating legitimate app developers, which means lots of time and hassle spent trying to prove that they’re not involved. This is a common scam, so much so that large lists have been compiled of apps suspected of being involved in this particular tactic of blackmail and threatening behaviour.

Back in March, “seven entities and five individuals” were charged in a similar case where an individual was threatened after taking out a loan. Obscene and intimidating messages were sent to the victim by SMS, apps, and phone calls along with threats to upload photographs to adult websites.

Meanwhile, there are a growing number of faked nude photos ending up in the news in relation to these bogus finance apps. Sadly, there are also reports of some victims committing suicide after becoming caught in these fraudulent activities. In the above link, the fake finance apps are on the Google Play store. The bogus app developers are clearly looking to cast as wide a net as possible in their quest for ill-gotten gains. In some cases, fakers will impersonate senior law enforcement officers on rogue websites to make the scam even more convincing.

Apple has pulled “at least” half a dozen apps, but it’s clear that this is a bit of a booming industry and will take a lot of work to stamp out completely. If you’re thinking about taking out a loan via an app, it’s worth taking the time to research which companies are legitimate and take things from there. Check the reputation of the organisation, read those reviews, and find out what level of cover is available from both the store and lender should things go wrong. Do your best to ensure everything is above board before committing to anything, as this definitely isn’t something you want to become tangled up in.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

Malwarebytes: Latest News

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)