Newly Discovered Android Malware Physically Wrecks Phones

A newly discovered strain of Android malware has been uncovered that runs a number of different scams at once – so many that it can cause overheating and physical damage to a device.

Researchers at Kaspersky Lab said after two days of allowing the Loapi malware to run on a test device the constant workload caused the battery to bulge and deformed the phone’s cover.

Loapi has a complicated modular architecture that allows it to run several types of processes at once, including processor-intensive chores such as mining the Monero cryptocurrency and generating false traffic on web pages.

Kaspersky found during a period of 24 hours the malware tried to open 28,000 unique URLs, a way of generating fraudulent web ad revenues.

Denial-of-service attacks

Loapi can also generate HTTP requests in order to try to crash websites as part of a large network of other devices infected with the similar code.

It tries to subscribe an infected device to paid services and displays ads on the screen.

“Its creators have implemented almost the entire spectrum of techniques for attacking devices,” Kaspersky wrote in an advisory. “The only thing missing is user espionage, but the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time.”

Loapi poses as antivirus or adult content applications and spreads through online ad campaigns. Kaspersky said the malware was found in more than 20 different locations on the web.

When the user clicks through and installs the app, it repeatedly asks for administrator privileges until the user grants them, allowing it to install the modules of its choice.

If the user tries to remove the app’s privileges in Android’s settings panel, the app locks the screen and closes the window. It also searches for legitimate security software on the device, identifying it as “malware” and prompting the user for permission to remove it. The prompt appears repeatedly until the user agrees.

Loapi is only found in third-party app stores, but malicious code regularly turns up on Google Play as well, having bypassed security checks.

Do you know all about security in 2017? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago