Versatile Android Malware Can Cause Physical Damage to Phones

Versatile Android Malware Can Cause Physical Damage to Phones

Cybersecurity firm Kaspersky Labs reported Monday on a new “jack of all trades” Android malware threat they’ve dubbed Loapi.

Cybersecurity firm Kaspersky Labs reported Monday on a new “jack of all trades” Android malware threat they’ve dubbed Loapi. According to Kaspersky Labs’ report, the malware is capable of multiple kinds of attacks and its workload can even physically damage a phone after a few days of being installed.

Loapi malware is installed via malicious apps, some disguised as antivirus solutions, that are available for download outside of the Google Play app store. After installation, the malware demands administrator rights, spamming the screen with notifications in a bid to get desperate users to give in and tap OK.

If users try to revoke device manager permissions, the malicious app locks the screen and closes the settings window. If users try to download actual protective apps, such as a real anti-virus app, Loapi declares them malware and forces the user to OK their removal.

The Loapi malware, once installed, can carry out many kinds of attacks. It aggressively displays advertisements on a user’s phone as well as using it as part of an advertising click fraud scheme. It can also use the phone as part of a DDoS attack.

Another module of the malware can sign up users to paid subscription services. Because Loapi also has SMS messaging functionality, it can confirm by text any subscriptions that require confirmation as part of sign-up, and all messages (outgoing and incoming) are immediately deleted. According to Kaspersky, the advertising and subscription sign-up features made 28,000 different requests in a 24-hour period.

Kaspersky discovered that the Loapi malware is set up with the ability to adapt to any new function its creators might want, such as ransomware, spyware or a banking Trojan.

In addition to these abilities, Loapi also uses smartphones as cryptocurrency mining modules, specifically to mine Monero tokens.  Cryptocurrency mining is such a processor-intensive process that 48 hours after Kaspersky’s test phone was infected, the battery overheated, expanded and burst out of the phone case.

To avoid installing malware on your Android device, Kaspersky recommends installing apps only from official stores, disabling the installation of apps from unknown sources, only installing apps that you really need and installing and regularly using proven anti-virus protection for your Android device.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • Freedom of Choice

    In today's security landscape, we are witnessing a fundamental transformation in how organizations manage digital evidence. Law enforcement agencies, campus security teams, and large facility operators face increasingly complex challenges with expanding video data, tightening budget constraints and inflexible systems that limit innovation. Read Now

  • Accelerating a Pathway

    There is a new trend touting the transformational qualities of AI’s ability to deliver actionable data and predictive analysis that in many instances, seems to be a bit of an overpromise. The reality is that very few solutions in the cyber-physical security (CPS) space live up to this high expectation with the one exception being the new generation of Physical Identity and Access Management (PIAM) software – herein recategorized as PIAM+. Read Now

  • Protecting Your Zones

    It is game day. You can feel the crowd’s energy. In the parking lot. At the gate. In the stadium. On the concourse. Fans are eager to party. Food and merchandise vendors ready themselves for the rush. Read Now

  • Street Smarts

    The ongoing acceptance of AI and advanced data analytics has allowed surveillance camera technology to shift from being a tactical tool to a strategic business solution. Combining traditional surveillance technology with AI-based data-driven insights can streamline transportation systems, enhance traffic management, improve situational awareness, optimize resource allocation and streamline emergency response procedures. Read Now

  • The Progress of Biometrics

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.