Researchers have discovered a new strain of transforming malware with the capability to physically destroy Android phones.
Kaspersky Labs staff say that the modular malware, called Loapi, can perform several tasks, including mining the Monero cryptocurency, filling the victim's device with adverts or taking part in DDoS attacks. It can also act as an SMS virus or a web crawler.
The worm is installed by disguising itself: either as an antivirus solution or an adult app. It gains permissions by spamming an infected device with notifications asking for privileges, until the user either gives up and hands over the rights knowingly or agrees by accident. It also checks for root permissions, and although it does not use them, this could be a possibility in the future.
Possibly due to poor optimisation, the malware uses up so much compute power that it causes the phone to overheat, damaging the battery.
Command & control servers are used to install additional modules, and also contain lists of apps that can attempt to limit the malware's activities. Loapi defends itself by flagging these apps as malware if they are already installed, driving the phone into a loop until the user removes them. It is also able to lock the screen and close the device manager.
Kaspersky security expert Nikita Buchka said, "Loapi is an interesting representative of the world of Android malware because its authors have embodied almost every feature possible into its design.
"The reason behind that is simple - it is much easier to compromise a device once and then to use it for different kinds of malicious activity aimed at earning illegal money. The surprisingly unexpected risk which this malware brings is that even though it can't cause direct financial damage to the user by stealing their credit card data, it can simply destroy the phone. This is not something you would expect from an Android Trojan, even a sophisticated one."
The easiest method of protecting yourself against Loapi is simple: don't install apps that don't come from Google Play.
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth