Most malware in the wild will try to do you harm in one way or another, but most often than not that involves accessing your information. There’s also another type of malware out there that will destroy your device.
In general, malware, whether it targets computers, smartphones, or smart devices, seeks to get access to your device, looking for data, looking for your secrets. Once it locates your secrets, things you wouldn’t want to share with others, whether friends, family, or work colleagues, the hackers lord the data over your head, asking for money. Alternatively, they just crack your accounts one after the other until they get the necessary info to do even more damage.
Kaspersky Lab, however, uncovered a new strain of Android malware that can be used by the attackers for multiple purposes, including launching DDoS attacks, or mining cryptocurrency. Loapi, as the new malware was named, can exploit the device until the phone’s battery swells ups.
According to Kaspersky, the new threat hides within Android apps posing as antivirus tools, or porn apps. Once the installation is complete, the app asks for device admin permission, pestering the user until they agree. Once the permission is granted, the app hides its icon in the menu or simulates various antivirus activity, depending on the nature of the app the user downloaded.
The malware takes things a step further. If the user wants to remove the extensive permissions, the app locks the screen and closes the window. The malware can also uninstall a series of apps that can pose a danger and force the removal of the infected tool like real antivirus tools.
The Jack of All Trades of malware
The researchers describe Loapi as a “jack of all trades” because it can conduct a variety of malicious activities, including mining Monero, launching DDoS attacks, redirecting web traffic, sending texts, downloading and installing other apps. It’s the Monero mining process that managed to destroy the phone used for testing, causing the battery to bulge and deform the cover.
“Loapi is an interesting representative from the world of malicious Android apps. Its creators have implemented almost the entire spectrum of techniques for attacking devices: the Trojan can subscribe users to paid services, send SMS messages to any number, generate traffic and make money from showing advertisements, use the computing power of a device to mine cryptocurrencies, as well as perform a variety of actions on the internet on behalf of the user/device,” Kaspersky researchers write.
One feature that this malware can be used for is not yet active, but Kaspersky believes the capability could be added in the future – espionage.
As always, make sure you only install apps from the official Play Store, and even there be particularly selective of the tools you use, check reviews and the developers. If you want to keep your secrets safe, then you must be aware of everything that goes on your device.