SpyLoan Malware Targets Latin American Mobile Users

SpyLoan malware attacks have emerged as a significant threat to mobile phone users in Mexico and Latin America. This malicious software is being spread by "loan mounters," which are companies that offer immediate financial loans through social media apps. If the borrower struggles to pay back the loan, the SpyLoan malware springs into action and compromises users’ confidential information. 

“In addition to accumulating an almost unmanageable debt, users of SpyLoan-type applications unknowingly grant access to their phone's stored information, such as contact lists, photos and videos. This information is leveraged in a harassment and extortion scheme that extends beyond the loan applicant," says Fabio Assolini, Director of the Global Research and Analysis Team for Latin America, Kaspersky. In extreme cases, some loan mounter applications even have the capacity to lock out users of their own devices, pushing the users to pay the ransomware fee established by cybercriminals. 

These loan mounters companies tend to be insufficiently regulated and offer loans without adhering to standard financial requirements. Moreover, they often request upfront fees and ask individuals for unnecessary bank information before granting them loans. In worst-case scenarios, loan mounters can even impersonate legitimate financial companies, efficiently alluring users to their cyberattacks.

Recent studies show that Mexico has been the second hardest-hit country in Latin America by loan mounter applications. Kaspersky detected 298 malware attempts per minute targeting mobile phones in the country during 2022, with most of them related to malvertising techniques. Other affected countries in the region include Colombia, Peru, Chile and Brazil. India, Kenya, Nigeria, Uganda and the Philippines have also been targeted by this malware attack.

Human error remains the predominant cause of cybersecurity breaches worldwide, contributing to an estimated 74% of successful data breaches. To circumvent the risk of falling victim to these kinds of cyberthreats, Kaspersky’s cybersecurity experts advise users to verify the credibility of their applications, install compatible cybersecurity solutions in their mobile phones and apply cautionary measures regarding promotions online.