Loapi Android Malware Packs Monero Cryptocurrency Miner That Can Fry Your Phone

We know all too well about the dangers of cryptocurrency mining malware that can invade our PCs. We've also seen unscrupulous websites that run mining software in the background, sapping valuable resources. Now, it seems as though we need to be on the lookout for mining malware that can invade our smartphones.

Kaspersky Lab warns that the malware, Trojan.AndroidOS.Loapi or "Loapi", is targeting the Android platform. The security firm warns that Loapi can be distributed via advertisement campaigns (which can cause redirects to malicious websites that download infected packages to your device). But Loapi can also be distributed via fake/unofficial app stores and fake applications posing as the real deal. In other words, it's pretty pervasive at this point with many attack vectors.

Once on your device, Loapi will seek administration permissions, beating helpless users into submission until they eventually agree. Considering that the prompt loops until the user gives in, it's likely that some users will acquiesce just to get the nag screen to go away.

Don't fall for this scam...

There are a number of other aspects of Loapi that are disconcerting, including the fact that "self-preservation" is high on its priority list. "Loapi aggressively fights any attempts to revoke device manager permissions," writes Kaspersky. "If the user tries to take away these permissions, the malicious app locks the screen and closes the window with device manager settings.

"The Trojan is capable of receiving from its C&C server a list of apps that pose a danger. This list is used to monitor the installation and launch of those dangerous apps. If one of the apps is installed or launched, then the Trojan shows a fake message claiming it has detected some malware and, of course, prompts the user to delete it."

Sneaky, sneaky, sneaky! If that wasn't enough, Loapi has an advertisement component that will bombard your device with ads (including banner ads and video ads) that generate revenue for the author, and also includes the ability to hijack your SMS messages.

Kaspersky Lab's test device was destroyed because of the Monero mining module. (Image Source: Kaspersky Lab)

But perhaps the most dastardly module found in Loapi is its ability to mine for the Monero (XMR) cryptocurrency. While a smartphone's relatively low-powered ARM processor isn't exactly the ideal platform for cryptocurrency mining, every little bit helps. However, pegging a smartphone's CPU at 100% 24-7-365 for mining purposes isn't exactly a great idea. As Kaspersky researchers discovered, their test smartphone, which was compromised by Loapi, destroyed itself after two days due to the cryptocurrency mining module. The smartphone's overtasked battery bulged due to heat and deformed the device's chassis.

Kaspersky says that it has never before seen malware that is so truly a "jack of all trades". Given its current arsenal of weapons at this early stage in its development, there's no telling what new modules could be plugged in to sharpen its fangs. Loapi could be truly weaponized, which could lead to smartphone destruction -- literally -- on a global scale.

Brandon Hill


Opinions and content posted by HotHardware contributors are their own.