In December 2017, Kaspersky Labs discovered and tested a new Android phone malware, known as the Trojan Loapi. The malware is programmed to perform several functions, including mining cryptocurrency, enabling pop-up ads, conducting DDoS attacks, and flooding contacts with spam messages. As a result, Kaspersky has given it the moniker of ‘Jack of all trades’ malware[1].
Loapi cunningly hides in plain sight to the user. The malware advertises itself by using icons of known anti-virus or adult entertainment apps that can be downloaded onto your phone. Loapi does not appear to be available in the Google App Store. This is likely due to Google’s more secure auto-approval process[2].
One of the more fascinating (and worrying) features of Loapi is its ability to protect itself from anti-virus apps once it is installed. Loapi will create a fake message claiming that certain legitimate apps are malware and ask the user to uninstall them. Further, the architecture of the program is multi-layered, so its original creators can add further layers of programming that let Loapi perform even more malicious functions.
Interestingly, one of the only functions it is (currently) not performing is user espionage[3]. However, it is likely that this functionality could be programmed into the malware should its original creators be inspired to do so.
As if its ability to completely invade and disrupt your phone is not enough, Loapi has one further ace up its sleeve. The malware is able to physically destroy your phone. After two days of testing, the Kaspersky team noticed that the phone’s battery had bulged so much it had broken the back casing of the phone! At this point, the phone was completely inoperable.
To protect yourself from this malware, Kaspersky notes that prevention is significantly better than cure.
Several safeguards and tips to follow in order to protect yourself include:
- Download your apps from official app stores[4] – Be it Google or Apple, do not download any apps from pop-up ads or external sites. Likewise, it is a good rule of thumb to have as few apps installed as possible on your phone.
- Install well known and ‘official’ anti-virus apps – App stores will always rate and promote anti-virus software from genuine and well-known security companies. If you are willing to pay for a more advanced app, make sure it is from a well-known company.
- Keep an eye on your hardware – Excessive overheating and rapid battery depletion may mean the malware is already installed.
It is fair to say that in today’s digitally advanced world, malware is becoming more and more sophisticated. Loapi’s structure makes it a dangerous adversary in cyber security due to its ability to adapt, change and multi-task. It is important to remain vigilant and always be risk averse when installing any applications on your phone or other networked technology.
For assistance in Mobile Device Management and securing your organisation’s devices, please do not hesitate to contact Agilient.
The Agilient Team
[1] https://securelist.com/jack-of-all-trades/83470/
[2] https://mashable.com/2017/12/20/android-malware-caused-a-phone-to-warp/#UChI9d_vskqJ
[3] https://www.itwire.com/security/81253-new-android-malware-a-jack-of-all-trades-%E2%80%93-and-master-of-them-too.html
