Newly Discovered Android Malware Physically Wrecks Phones

A newly discovered strain of Android malware has been uncovered that runs a number of different scams at once – so many that it can cause overheating and physical damage to a device.

Researchers at Kaspersky Lab said after two days of allowing the Loapi malware to run on a test device the constant workload caused the battery to bulge and deformed the phone’s cover.

Loapi has a complicated modular architecture that allows it to run several types of processes at once, including processor-intensive chores such as mining the Monero cryptocurrency and generating false traffic on web pages.

Kaspersky found during a period of 24 hours the malware tried to open 28,000 unique URLs, a way of generating fraudulent web ad revenues.

Denial-of-service attacks

Loapi can also generate HTTP requests in order to try to crash websites as part of a large network of other devices infected with the similar code.

It tries to subscribe an infected device to paid services and displays ads on the screen.

“Its creators have implemented almost the entire spectrum of techniques for attacking devices,” Kaspersky wrote in an advisory. “The only thing missing is user espionage, but the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time.”

Loapi poses as antivirus or adult content applications and spreads through online ad campaigns. Kaspersky said the malware was found in more than 20 different locations on the web.

When the user clicks through and installs the app, it repeatedly asks for administrator privileges until the user grants them, allowing it to install the modules of its choice.

If the user tries to remove the app’s privileges in Android’s settings panel, the app locks the screen and closes the window. It also searches for legitimate security software on the device, identifying it as “malware” and prompting the user for permission to remove it. The prompt appears repeatedly until the user agrees.

Loapi is only found in third-party app stores, but malicious code regularly turns up on Google Play as well, having bypassed security checks.

Do you know all about security in 2017? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

NHS Challenged Over Data Contract With Palantir

Contract between NHS and data mining firm Palantir now at centre of lawsuit filed by…

1 hour ago

California Can Enforce Its Own Strict Net Neutrality Law

Open Internet Victory? Ruling from US federal judge rejects attempt by US broadband providers to…

2 hours ago

Australia Passes Amended ‘Media Bargaining Law’

Australia becomes first country in the world where a government arbitrator can set prices tech…

5 hours ago

Facebook Oversight Board Confirms Appeal Over Trump Ban

Unnamed 'user' files appeal with Facebook's Supreme Court (the Oversight Board) against the 'indefinite' ban…

6 hours ago

Facebook To Invest $1 Billion In News Industry

After the very public row with the Australian government, Facebook confirms it is investing $1…

1 day ago

EU Opens Consultation On Gig Economy Worker Rights

After UK's top court rules Uber drivers are workers, European Commission begins consultation on gig…

1 day ago