The Android ecosystem has new malware that is farming bitcoins in full force using your phone’s processing power. The malware is termed Loapi, based on its package name Trojan.AndroidOS.Loapi.
Loapi Android malware is a “jack of all trades”
According to the security researchers at Kaspersky Lab, this Android malware does not use any security loopholes to get access to the user’s phone. It is a perfect example of social engineering, as the majority of devices are infected through websites and ad redirects.
The Android malware takes cover under apps that appear to be anti-virus or cleaner apps for Android. Some also come hidden in popular porn apps. The apps infected with this Android malware have several modules that trigger once the user grants permission. Once the malware is inside the device, it will download several modules from the command and control server, depending on the task that the operator wants to perform on the phone.
According to the researchers, Loapi is the “jack of all trades” as it can subscribe to paid services, send SMS messages to any number, generate traffic from advertisements, and even use the power of the processor to mine Monero. Just like any other cryptocurrency, Monero needs to be mined to keep the currency alive. Mining requires massive computing power, and the malware can do this by linking several phones together.
Researchers note that the only module missing is farming personal user data, but it can be added in no time.
According to Nikita Buchka, a security expert at Kaspersky Lab, “Loapi is an interesting representative of the world of Android malware because its authors have embodied almost every feature possible into its design.”
It can destroy your smartphone as well
Apart from all these capabilities, the malware is also capable of destroying your mobile device. According to the researchers, the hackers would not destroy the device intentionally, but destruction could result from poor optimization. As the malware starts mining the cryptocurrency, the device can heat up to the extent of destroying the battery.
“The surprisingly unexpected risk which this malware brings is that even though it can’t cause direct financial damage to the user by stealing their credit card data, it can simply destroy the phone. This is not something you would expect from an Android Trojan, even a sophisticated one,” Buchka says.
Also, the malware can defend itself by blocking the screen and closing the window if the user tries to block the malware by using his or her administrative rights.
Lately, apps and sites that mine cryptocurrency by draining users’ CPUs and electricity are on the rise. In the majority of cases, the activity only surfaces when users open monitors that track all processes and apps running on a device. Recently, officials at AV provider Sophos stated that all cryptocurrency mining without the user’s consent is parasitic, according to Ars Technica. Users can keep such malware from entering and affecting their phones by sticking to the apps available at the official Google Play store.