Security researchers from Kaspersky have discovered a new malware that is targeting Android phones. This malware, called as Loapi, is a harmful piece of code that can execute five separate malicious actions including mining the Monero cryptocurrency, making DDoS attacks, bombarding infected users with continuous ads, redirecting web traffic, transmitting text messages, and downloading and installing other applications.
According to Kaspersky researchers:
Loapi is an interesting representative from the world of malicious Android apps. Its creators have implemented almost the entire spectrum of techniques for attacking devices: the Trojan can subscribe users to paid services, send SMS messages to any number, generate traffic and make money from showing advertisements, use the computing power of a device to mine cryptocurrencies, as well as perform a variety of actions on the internet on behalf of the user/device. The only thing missing is user espionage, but the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time.
Researchers found that the malware mines the Monero cryptocurrency so intensely that leads to the destruction of the phone after few days of its installation.
The Loapi malware forces the user to grant it ‘administrator permissions’ by looping a pop-up until the user hits yes, which provides the malicious app with the same power over your device that you have.
To really get rid of Loapi malware, you should boot in the safe mode because the malware will continually close Settings so you cannot deactivate admin privileges. Users are also recommended to only install apps from the official Google play store.