In this era of technology, the first word that comes to mind on hearing the word "technology" is "privacy". Operating system providers such as Windows, Android, iOS, etc. are doing their best to protect our privacy. Despite their efforts, there are many hackers who keep trying to break their code and create viruses to get into systems.
Researchers at Kaspersky Lab have identified a new Android smartphone virus called Loapi (Trojan.AndroidOS.Loapi). It can carry out a variety of malicious activities, including cryptocurrency mining, fraudulent advertising messages, and DDoS attacks from infected devices.
Loapi distinguishes itself from the numerous single-function Android viruses (such as banking malware or cryptocurrency miners) through its complex modular architecture, which allows it to conduct an almost unlimited number of actions on the compromised device.
The Loapi malware can use the computing power of the device to mine cryptocurrencies, sign up for subscription services, or use your smartphone to carry out DDoS attacks. All of these actions can be done at the same time, depending on the power of your smartphone.
It is the first time that an Android virus capable of carrying out all these actions has been discovered.
The Loapi virus is distributed through advertising campaigns, pretending to be an antivirus solution or an adult app. After installation, the applications ask for administrator rights on the device. After this, the malware begins to secretly communicate with its command and control servers to install additional modules.
The architecture of the Loapi virus includes the following modules:
- Adware module – used to display persistent advertising on the user’s device;
- SMS module – used by malware to conduct various activities through text messages;
- Web crawler module – used to register users for paid services without their knowledge. The SMS module will hide the messages from the user, respond if necessary and then delete all the “evidence”;
- Proxy module – allows cybercriminals to perform HTTP requests on behalf of the device. These activities can support DDoS attacks;
- Module for mining the cryptocurrency Monero (XMR).
The most worrying part, however, is the “involuntary” mining (unbeknownst to the user) of cryptocurrency, an activity that can overheat the phone due to excessive and prolonged use of the processor.
During their research, Kaspersky’s researchers claim to have seen the battery of the test smartphone swell and deform the device within just 48 hours of infection.
Loapi doesn’t manage to steal the victims’ money, but it could still harm them by destroying the smartphone.
To avoid falling victim to the Loapi virus, users of Android devices are advised not to download apps from unofficial stores.
You should also carefully check the reputation of any app of dubious origin on Google Play, and install an antivirus solution on your device and keep it updated.