The Loapi malware does so by maxing out the processor’s computing power and overheating your device. On Monday, security researchers at Kaspersky Lab posted pictures of the malware causing a test phone’s battery to bulge after a two-day period.
The overheating comes from the malware’s ability to secretly mine a virtual currency called Monero and deposit the funds to the hackers. The constant mining both hogs CPU resources and forces the processor to overwork.
Hackers have been dressing up the Loapi malware as fake Android apps that pretend to offer antivirus protection or pornographic content.
Once installed, the malware will persistently ask for administrative privileges until the user agrees. From there, it’ll masquerade as an antivirus product or hide itself away from the smartphone’s menu.
The Loapi malware is quite nasty. It will fight off attempts to revoke device manager privileges by locking the screen, closing the settings window, or threatening to wipe the phone’s memory. The malware will even flag legitimate antivirus apps as malicious, and recommend that the user remove them.
The Loapi malware was also designed with a whole range of capabilities. Not only can it mine cryptocurrency, but it can also fill the phone with ads, use the device to launch a distributed denial-of-service (DDoS) attack, and take control over the phone’s SMS messages.
“We’ve never seen such a ‘jack of all trades’ before,” the security researchers wrote in their Monday blog post.
The researchers spotted Loapi-loaded apps advertised online, but not on the official Google Play Store. Their blog post contains the 19 different domains where the apps have been hosted.
Security experts also advise that users stay away from unofficial app stores because of their tendency to host software loaded with malware.