Chapter in this post:
The Russian developer for anti-virus programs and digital security solutions Kaspersky has drawn attention to an aggressive modular Android Trojan called "Loapi" in a press release, which attacks smartphones extensively. Loapi uses the smartphone that it infects, among other things as a mining option for crypto currencies, as output for advertisements, for SMS campaigns, with a proxy module for DDoS attacks and more. In addition, the Trojan protects itself from being uninstalled and can destroy the infected smartphone if it is overloaded. Really dangerous mobile malware!
Hidden in alleged antivirus apps or "adult apps" with porn content for Android, Loapi is installed on the smartphone. Of the Trojans obtains the administrator rights after query and consent of the user and then starts with its malicious program. The perfidy: it is a modular malware, so individual modules can be added by the hackers or removed from the software. According to Kaspersky [Current BSI warning about Kaspersky (15.03.2022/XNUMX/XNUMX): Read all the background here] currently these Loapi modules are known:
Not that the various modules and their functions are bad enough, Loapi also protects itself against having administrator rights revoked. If the smartphone user starts a corresponding attempt, Loapi blocks the display and closes the window. It also gets an up-to-date list of anti-malware programs that could detect and remove it from its C&C (Command and Control) server. Will a corresponding App installed, the Trojan warns of alleged malware and offers to remove it. The installed antivirus program is simply removed. You can hardly ignore Loapi because the message is repeated again and again in a loop.
Due to the many different modules of the Trojan, which go about their criminal work in the background, as well as the constant messages in case you want to get rid of the malware, the smartphone can be used to such an extent that the battery heats up to the point of deforming. Nikita Buchka, security expert at Kaspersky Lab, explains the facts:
"Loapi is an interesting example of Android malware because the design of the Trojan allows almost any functionality. The reason for this is simple: the device only needs to be infected once and can then be used for a wide variety of malicious and fraudulent activities. Extremely surprising, however, is the fact that Loapi has the possibility of destroying the device. You wouldn't expect something like this even from a sophisticated Android Trojan."
As protection against the new Android malware Loapi and viruses, Ransomware and other malware you should always have the current version of your operating system on your smartphone. Apple delivers new iOS versions as well as patches and fixes very quickly; with Android, the time of the update also depends on the device manufacturer and the network operator. In addition, you should only install apps from outside the official app stores on both Android and iOS in exceptional cases. There are also secure antivirus apps and anti-malware solutions there.
If you want more information about Loapi, its code and the individual procedures of the Android malware, then take a look at Securelist.com past. There the trojan known as the "Jack of all trades" is dismantled. In addition, domains are given that are known as sources for Loapi.
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.