Skip links

In This Article:

Take control of your digital security

Uncovering the “MoneyMonger” Malware: How Fake Money Lending Apps are Stealing Your Data

Shares This:
Reading Time: 2 minutes

What is it?

A new data stealing, spy malware campaign dubbed “MoneyMonger” has been found hidden in fake money lending apps. Once users install these malicious applications on their devices, it starts asking for various permissions on the device promising quick loan approval.

Also Read

Here is how it works:

  1. User installs the malicious apps.
  2. The app then presents users with loan schemes, promising quick processing of the loan if they grant permissions on their local device.
  3. Once the permissions for the camera, microphone, files, photos, calling service, and SMS are granted, the app infects the device.
  4. After the device is infected, the malware has complete control over the user’s device, and the cybercriminal can directly communicate with the user.
  5. The fake app then starts harassing the user to pay, threatening to send photos to their contacts, and there have been some instances, according to third party research, in which users may also be given a loan with very high interest rates and harassed for payments or targeted with false claims about not receiving the monthly payment.

The app is distributed through third party app stores and there is no instance of such a fake app found on the Google Play Store at the time of writing.

Who does it apply to?

Currently at the time of writing this is mostly targeting Android users based in India and Peru who need quick cash.

What should you do about it?

  • If you believe that you have accidentally installed a malicious or suspicious app on your device, it is important to uninstall it as soon as possible. This will help to protect your device and personal information from any potential harm caused by the app
  • Do a complete device scan for malware or any suspicious activity
  • If you believe you are being harassed or targeted by cybercriminals, it is important to report this to your local authorities
  • To protect your privacy and security, it is generally recommended to download and install apps only from official app stores, such as the Google Play store. Before installing an app, it is also a good idea to review the app’s privacy and security permissions to ensure that you are comfortable with the level of access the app will have to your device and personal information.
  • To protect your privacy and security, it is generally recommended to only grant app permissions that are needed “only while using the app,” rather than granting “always” permissions. This includes permissions for the camera, microphone, file manager, photos, and any other app permissions that may be requested. By limiting app permissions to the minimum required, you can help to reduce the risk of unauthorized access to your device or personal information.

Technical Details

Cybercriminals are using Flutter, a free and open-source mobile application development framework created by Google, to develop fake apps that distribute malware. Flutter’s features allow the malicious code to be hidden behind its framework, making it difficult to detect. Flutter enables developers to build natively compiled applications for mobile, web, and desktop from a single codebase

Sources

https://www.zimperium.com/blog/

https://www.darkreading.com/vulnerabilities-threats/blackmailing-moneymonger-malware-hides-flutter-mobile-apps

https://labs.k7computing.com/index.php/steer-clear-of-instant-loan-apps/

Sign Up to improve your Digital Security Now!

Shares This:

Leave a comment

Related Articles