Cryptocurrency mining malware “Loapi” capable of physically damaging phones

Dec. 28, 2017

Researchers at Kaspersky Lab have identified a family of modular Android malware dubbed “Loapi,” which is capable of mining the Monero cryptocurrency, inundating users with advertisements, automatically subscribing the user to paid services, and participating in DDoS attacks, among other functions. The cryptocurrency mining module maintains a load high enough to physically damage a test device after two days.

According to the researchers, the malware is distributed through advertising campaigns and is generally disguised as either an antivirus or pornographic app. After installation, the malware asks the user to grant administrator permissions in a loop until the permissions are granted. It also checks for root permissions but does not use them. However, given the modular nature of the malware, root access could be used by a module added in the future.

Loapi can communicate with a number of command and control servers. From these servers, the malware can load additional modules and receive lists of apps which may attempt to remove it or limit the permissions granted to it. If one of these apps is installed, the malware flags the legitimate security app as malware and prompts the user in a loop to remove the security app until the user acquiesces. When the user tries to revoke its administrator permissions, the malware also locks the screen and closes the device manager, warning the user that the phone data will be wiped.

Given the obstacles to removing the app from the phone itself, the best course of action is likely to uninstall it via adb. There is no indication that the malware has been distributed via Google Play. That said, installing apps of unknown origin from unknown sources is not advisable.

Android Police has the full article.
