APPS
APPS
APPS
Insidious new cryptocurrency mining malware can physically damage a victim’s phone
An insidious new form of Android malware detected in the wild deploys a cryptocurrency miner that can actually cause physical damage to phones, according to a newly published report.
Dubbed “Loapi” by security researchers at Kaspersky Lab, the trojan malware is spread via porn sites and fake malware apps. So far, it’s believed to have successfully infected over 46,000 phones in 86 countries, with the number continuing to grow.
Once on a targeted device, Loapi repeatedly seeks administrative permissions from a victim until they are accepted, working on the concept that users will eventually agree to the prompts so as to be rid of them. Once they do so, the malware hijacks the phone’s processor to mine for the Monero cryptocurrency.
Cryptocurrency mining, the process by which transactions are verified and added to the public ledger, involves compiling recent transactions into blocks and trying to solve a computationally difficult puzzle, with those mining the given currency rewarded for their efforts with coins or tokens in that cryptocurrency.
The process involves computing power, and that’s where the problem with Loapi lies. The malware uses so much processing power on an infected device that it can actually damage and even destroy it. According to the researchers, the malware hit their test device so hard that “the battery bulged and deformed the phone cover.”
“The surprisingly unexpected risk which this malware brings is that even though it can’t cause direct financial damage to the user by stealing their credit card data, it can simply destroy the phone,” they wrote Monday. “This is not something you would expect from an Android trojan, even a sophisticated one.”
Loapi itself can be used for other purposes, including launching distributed denial-of-service attacks, ad hijacking and data theft, though those activities don’t kill a victim’s phone.
Android users are, as always, advise to practice safe internet. Along with having up-to-date antivirus software installed on their phones, they should always be wary of downloading apps from unofficial stores and refuse to accept requests for administrative permission from unknown apps.
Photo: Kaspersky Lab
Since you’re here …
… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.
If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.
