Researchers at Kaspersky Lab claim to have uncovered a new Trojan malware called Loapi, which misuses Android smartphones to mine Monero tokens (a kind of cryptocurrency). This activity, uncontrolled by the phone’s owner, can overheat and cause physical damage to the affected smartphone. The malware can also inject ads to the smartphone, and recruit it for distributed denial of service (DDoS) attacks.
Kaspersky Lab, in a blog post, said, “Users pick up the Loapi Trojan by clicking on an ad banner and downloading a fake AV or adult-content app (the most likely vehicles for this Trojan).” The Trojan will then lock the screen if the user does not give it admin rights.
One of the biggest ways in which the Trojan can harm your phone is through unsolicited mining of Monero tokens. This activity can cause overheating and end up harming the internals of the smartphone. “During our research, the battery of the test smartphone overcooked 48 hours after the device was infected,” said Kaspersky in the blog post.
Loapi can also spam the smartphone with banner and video ads. Loapi is also capable of downloading various other unknown apps and can open up certain pages on apps like Facebook, VKontakte, and Instagram.
This Trojan is even capable of causing financial loss to the smartphone owner. For example, Loapi can sign up users for paid subscriptions of apps. It has a module that secretly sends text messages to the mobile number, in order to authenticate the premium subscription. It doesn’t stop there; the Trojan then deletes all related incoming and outgoing messages from the phone.
Another way in which Loapi harms a smartphone is by using it as a participant in DDoS attacks against Web resources. Loapi has a certain level of modularity as its creators might transform it to perform different tasks – like ransomware, spyware, banking Trojan – in the future.
To protect smartphones from the Loapi Trojan, Kaspersky Lab advises, users should install Android apps only from official stores. Additionally, installation of apps from unknown sources should be disabled for better security. The cybersecurity firm also suggests installing a reputed antivirus to prevent such attacks.
Kaspersky Lab, in September, had detected the Xafecopy Trojan that was responsible for stealing money through mobile phones in India.