Skip to content

Rupee King rebrands to Wallet Pro in a bid to scam more people

  • by
  • 4 min read

Quick loan app that has scammed people of lakhs if not crores of rupees has now rebranded itself to Wallet Pro — changing its name and identity to continue ripping people off. We’ve recently discovered that these threat actors can, and will, go far beyond just sending you threatening messages to recover the original loaned amount.

Following our previous report, the app advancing cash to people and scamming them along the way with the rebranded proxy app has doubled in the total number of downloads on the Google Play Store. There are more than 30000 reviews on the app at the moment, the majority of them being five stars and a few ones being one star. There are no two, three or four-star ratings — fake reviews galore.

Now to the untrained eye, this will seem like just another quick loan app, and sure enough, that’s how they got so many downloads. However, once you’ve taken the loan and the repayment date comes near, then starts the scam. 

In the News: Operation Safety Net: Minnesota’s sophisticated surveillance system

Repayment scam after the repayment that includes leaking your data

Installing the app requires the user to provide almost every permission an app can ask for, including access to camera, microphone, location and even your device’s storage.

Their privacy policy says that users are ‘generally’ allowed to use the app without providing any personal information. Not only is this claim false, but you’re also entirely restricted from using the app until you give it all the permissions it needs, including storage, camera, mic, location and even the other apps installed on your phone, among others. 

Rupee King rebrands itself in a bid to scam more people
The fake court documents we received.

Once a user has taken a loan, the app requires them to back in the next seven days. If the user defaults, they start sending threatening messages claiming that they’ll publicly shame the user in front of friends and family since they have your entire contact list. If the user doesn’t respond, they end up doing so. Other threats include verbal abuses and fake court documents. 

Once the original amount is repaid, regardless of the user being behind the payment date, they start getting messages asking for repayments for loans that were never taken.

During Candid.Technology’s initial investigation earlier this year, the app used to demand these fake payments was called RupeeKing. This time around, it’s called Wallet Pro.

Rupee King rebrands itself in a bid to scam more people
The second set of messages regarding Wallet Pro we received.

I experienced this myself. When I didn’t respond to the loan collectors (who were extremely verbally abusive in their demands), they circulated a fake message with a rather serious allegation and my ID to randomly chosen contacts from my contact list. This went on until the original amount was repaid. 

Another victim who fell for this scam had sensitive photos from their phone gallery leaked and sent to random contacts. This happened after they had made the original payment in time. They ended up paying double thanks to the extortion messages and the threats. 

Both apps share a similar structure in terms of UI, and the amount is, once again, hardcoded into the app, which is delivered to the user by a shortened URL in threatening messages. What’s worse, they also demand invasive permissions, including location, camera, lock screen, storage and network state. 

Rupee King rebrands to Wallet Pro in a bid to scam more people
The Wallet Pro app running inside an Android VM.

We have good reason to suspect that the apps sent using these shortened links contain spying malware, considering the permissions they ask for and the delivery method. 

This is an ongoing investigation, and we’re currently working on establishing a link between the app on the Play Store and RupeeKing/Wallet Pro. We’ll be bringing you updates as we uncover more. 

In the News: Google bans all ad sales in Russia

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

  • I downloaded once and begin application but I didn’t received my disbursement. App was redirected to proxy app. Now I can’t find this app on play store. Please help me in knowing this application download from play store.

  • >