The cyber security company Kaspersky Labs has discovered a new and disturbing piece of malware that targets Android telephones: Loapi. Once in place, this malware has the processor work hard without the user being aware, which can even cause the telephone to overheat.
The company has characterised Loapi as a 'Trojan Horse' because this malicious software is generally disguised as something else. In this case, Loapi mimics either an anti virus or erotic app, explains a Kaspersky expert in a blog post. If the user clicks one of these fake apps (check the icons in the illustration above), the Loapi software installs itself on the Android telephone and the misery begins. Loapi requests administrator rights (which allows it to change settings on the telephone), and the virus continues to inundate the user with pop-up screens until they click 'OK' out of sheer desperation.
Advertisements
All hell then breaks loose. Once the user has given permission, Loapi shows unsolicited advertisements on your smartphone. While that is annoying enough, there is more to come. The malware can visit social media on your behalf and 'like' things there. It can even download and install new apps on your telephone. Loapi can simply download the necessary software components from a server.
After having hijacked your telephone, Loapi can even register you for paid services. Such a registration process generally includes an extra security check, in the form of a text message with numerical code, but according to Kaspersky the malware has found a way around that. It can read the contents of your text messages and even send text messages, all behind the scenes.
On top of all this misery, Loapi can have the infected smart phone participate in DDoS attacks. This occurs when a large number of computers (which is what today's smart phones actually are) all try to open a certain website simultaneously, causing it to overload and crash. The problem is that such an attack requires so much processor capacity from your phone that it becomes slower and your battery is emptied more quickly.
Destruction
To make matters worse, the final unsolicited activity forced on your infected phone by Loapi is: to mine the Monero crypto coin. Just like the better-known bitcoin, this requires a great deal of processor capacity. If your telephone starts to make the necessary calculations at full force, it becomes warm. During a test, Kaspersky even noted that the battery became overheated. This means that a virus contamination is so aggressive that it can physically destroy the telephone (see photos below).
Protection
So how can you protect yourself against all this? Kaspersky has a few tips. To start with, only install apps you find in the official stores. In the case of Android, that's Google Play, and that store employs people to identify malware for mobile phones and keep it out, though Google seems to be less thorough than Apple.
Secondly, it's sensible to prohibit the installation of apps from unknown sources. You can do so via the Settings of the Android telephone. Check the precise details here. Last but not least: install a virus scanner on your telephone. Unsurprisingly, Kaspersky recommends the scanner developed by Kaspersky Labs. Once again, prevention is much better than cure.
New modules
So it's quite clear: Loapi is a jack of all trades. Kaspersky even writes that they have never encountered such a versatile piece of malware. The company analysts discovered components in the Loapi software that indicate the malware's ability to download its own new modules. This means that the people behind Loapi can devise new functions and then upload them to all smart phones already infected. This could include ransomware for example: software which locks down the telephone and only releases it once you have paid the ransom. Or spyware, in which the malware steals your personal data, which is of value in the seedier corners of the web.
Read more details on Kaspersky's website Securelist.com.
If you found this article interesting, subscribe for free to our weekly newsletter!
Images Securelist.com
If you found this article interesting, subscribe for free to our weekly newsletter!
Nieuwsbrief
Vond je dit een interessant artikel, abonneer je dan gratis op onze wekelijkse nieuwsbrief.