• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 22nd, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Hacking News
News

New Android Malware Loapi Attacks Phones in Five Different Ways

December 19th, 2017 Waqas News, Android, Malware, Security 0 comments
New Android Malware Loapi Attacks Phones in Five Different Ways
Share on FacebookShare on Twitter

Android phones have always remained the soft target of malicious threat actors since every now and then we hear about a new malware strain hitting innocent android users. The same has happened in this case where a new malware is targeting Android phones.

This particular malware, dubbed as Loapi, is an evil piece of code that can perform five different malicious activities including mining cryptocurrencies, conducting DDoS attacks and causing the phone’s battery to the bulge that leads to the destruction of the phone after few days of its installation.

New Android Malware Loapi Attacks Phones in Five Different Ways

What happened when researchers installed the malicious application on a test device

It also runs an advertising fraud scheme; the victim feels that they are visiting advertisers’ web pages and every time an ad is clicked the advertiser is paid some amount. Through the capability of mining Monero, the malware runs web requests and signing the device for different subscription services whenever the attacker sends a command.

The malware was discovered by Kaspersky Labs researchers and given the wide range of malicious functions that it performs researchers are claiming it to be Jack of All Trades. Loapi has a complex modular structure that is different from other malware that have attacked Android devices so far. It contains an advertising module, proxy module, texting module and Monero mining module. Moreover, this threatening malware is capable of evading detection as well.

“We’ve never seen such a ‘jack of all trades’ before,” researchers from Kaspersky wrote in their official blog post published on Monday.

Over 20 malicious apps that are downloaded from third-party platforms and are mostly mobile antivirus or adult apps are responsible for infecting Android phones with Loapi. Victims are lured towards these apps through misleading advertisements. The user is bombarded with never-ending popups and there comes a time when the victim gives in to whatever the malware is requesting for, which usually is getting admin rights. When the rights are acquired, the malware deletes the antivirus to avoid detection. When the user tries to deactivate the administrator account, the Loapi-infected apps close the Settings menu and the device has to be booted in Safe Mode to delete Loapi.

Loapi attacks a user in two different ways; firstly, it sends SMS messages and secondly, a group of phones infected with Loapi is created to flood a server with traffic to such an extent that the server resultantly collapses.

Loapi is an aggressive malware that made around 28,000 different requests of advertising and subscription within a 24 hour period. It must be noted that since cryptocurrency mining is a processor-intensive feature that’s why it is possible for Loapi for draining the system’s resources quickly. When the battery gets overheated, it expands and ultimately bursts out from the phone case.

“Loapi is an interesting representative from the world of malicious Android apps. Its creators have implemented almost the entire spectrum of techniques for attacking devices: the Trojan can subscribe users to paid services, send SMS messages to any number, generate traffic and make money from showing advertisements, use the computing power of a device to mine cryptocurrencies, as well as perform a variety of actions on the internet on behalf of the user/device. The only thing missing is user espionage, but the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time,” warned researchers.

The good news is that currently Loapi hasn’t invaded Google Play Store but Kaspersky Lab researchers identified 85 apps that were already trojanized that can steal VK.com’s login credentials.

  • Tags
  • Android
  • Cryptocurrency
  • Cyber Crime
  • Google Play
  • hacking
  • internet
  • Malware
  • Monero
  • Scam
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Hackers using Google Adwords & Google Sites to spread malware
Next article Youbit Bitcoin exchange quits operation after 2 hacks in 8 months
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Shazam Vulnerability exposed location of Android, iOS users

Shazam Vulnerability exposed location of Android, iOS users

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Shazam Vulnerability exposed location of Android, iOS users
Security

Shazam Vulnerability exposed location of Android, iOS users

29
Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet
Security

Ongoing 'FreakOut' malware attack turns Linux devices into IRC botnet

73
Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping
Security

Signal, Google Duo, FB Messenger vulnerabilities allowed eavesdropping

97

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us