Loapi virus can melt through your smartphone
There’s a new virus in town, and this one’s so lethal it can literally melt a
hole in your Android smartphone.
Fortunately, it’s not in the Google Play store. But it is being spread through
third-party stores and ads that trick you into thinking you’re downloading
antivirus apps or even porn. In fact, it disguises itself as at least 20
different apps in the adult and antivirus categories, including Kaspersky, whose researchers discovered and dissected the bug.
Kaspersky Labs calls it a “Jack of All Trades” (perhaps it should be Hack?) because there’s little this Trojan, called Loapi, doesn’t do. It can launch DDOS attacks, send texts, download other apps, sign you up for paid subscriptions, nag you with ads, and mine tokens of Monero cryptocurrency.
It’s that last, demanding task that overheats the battery so much that your
battery can swell up and burst through the phone cover. (Researchers found this takes just two days).
Loapi will force you to let it take over your phone by tormenting you with pop-
ups requesting admin permissions until you give in. After that, it keeps its
manager permissions by locking the screen and closing phone windows. It
communicates with C&C servers, convincing the system that your real antivirus apps are malware, again using looping popups until you give in and delete the good app.
“Loapi is an interesting representative from the world of malicious Android
apps. Its creators have implemented almost the entire spectrum of techniques for attacking devices: the Trojan can subscribe users to paid services, send SMS messages to any number, generate traffic and make money from showing advertisements, use the computing power of a device to mine cryptocurrencies, as well as perform a variety of actions on the internet on behalf of the user/device,” say the researchers.
Booting to Safe Mode is the first step to eradicatin the stubborn bug. If the
handset isn’t in Safe Mode, the user won’t be able to revoke the virus’s admin
privileges, because the virus will lock the user out of the Settings window. (It
may be a good idea to learn how to boot to Safe Mode on your particular
smartphone before you ever get a virus.)
Loapi can even download new modules from a remote command center, allowing its abilities to ever expand. It could be a banking Trojan one day, and morph into spyware or ransomware the next. The experts even detected that the virus has yet unused abilities that could let it go even farther. It’s the gift that keeps on taking.
Another good reason to be careful of what you download. To avoid these types of disasters, Kaspersky recommends that you take basic precautions: Only download apps from the official Google Play store, which has decent (if not perfect)
security and a team dedicated to eradicating mobile viruses. Also, be sure to
uncheck the Unknown Sources box in your phone’s security settings. Use an
antimalware program, even a free one. And only download apps you need; the
fewer apps, the less risk.