Cryptomining malware hits Android phones


The new Loapi Trojan takes over users’ Android phones, turning them into cryptocurrency miners and ad servers – and sometimes running them so hard they literally melt or go up in smoke.

According to the Kaspersky Lab blog, users can become infected with the Loapi Trojan by clicking on an ad banner or downloading fake software masquerading as anti-virus or adult content.

After installation, Loapi literally bullies the user into granting administrator rights, presenting notification after notification until it is granted. If the user later tries to deprive the app of administrator rights, the Trojan locks the screen and closes the settings window.

In addition, if the user tries to download apps that genuinely protect the device (for example, a real anti-virus), Loapi declares them to be malware and demands their removal, again presenting notifications until the user agrees.

Kaspersky explains that Loapi has a modular structure, so it can switch functions on the fly at a remote server’s command, downloading and installing the necessary add-ons by itself.

Among these add-ons are modules that show unwanted ads and visit pages on Instagram, Facebook and VKontakte.

Another module signs the user up for paid services – Loapi even confirms these subscriptions if there’s an SMS check, and deletes the messages so the user may never know what he’s been signed up for.

The phone can be turned into a zombie and take part in DDoS attacks, sending HTTP requests via a built-in proxy server.

Loapi also uses smartphones to mine Monero tokens, according to Kaspersky, and the prolonged operation of the processor at maximum load can overheat the device – the battery of a test device overcooked 48 hours after the device was infected.

Loapi is a jack-of-all-trades: there is code in the current version that hasn’t been deployed yet, and it can download new modules at the command of a remote centre.

Kaspersky cautions users to observe some simple rules to avoid infection. These include installing apps only from official stores; disabling the installation of apps from unknown sources; installing only what’s needed; and installing reliable anti-virus software.