A stealthy cryptocurrency miner hijacks Android phone processors and then pushes the devices to their literal breaking point.
Cybersecurity firm Kaspersky has investigated a new threat to mobile devices everywhere. According to an official blog post on the issue, “samples of the Loapi family are distributed via advertising campaigns,” and then “malicious files are downloaded after the user is redirected to the attackers’ malicious web resource.”
In their investigation, the firm found more than 20 bogus examples of these “resources,” ironically disguised as antivirus solutions — and in at least one case, pornography. In fact, the only thing “missing” from Loapi is direct control by a remote user. That is small comfort, as “the modular architecture of this Trojan means it’s possible to add this sort of functionality at any time,” according to the post.
Once on board, Loapi takes control of the phone’s processor, using it to “mine” for cryptocurrencies like bitcoin. Generating traceless virtual currency in this manner requires an immense amount of silicon horsepower, and the malware is merciless. Within two days, Loapi’s workload physically deformed the battery of the test device until it bulged to the point that it warped the phone’s cover.
Kaspersky concludes that Loapi’s creators “have implemented almost the entire spectrum of techniques for attacking devices.” It “can subscribe users to paid services, send SMS messages to any number, generate traffic and make money from showing advertisements, use the computing power of a device to mine cryptocurrencies, as well as perform a variety of actions on the internet on behalf of the user/device.”
For now, the malicious application seems to be restricted to Android devices, but if it spreads further, it will not exactly be hard to spot. Just follow the trail of broken phones.
Follow Nate Church @Get2Church on Twitter for the latest news in gaming and technology, and snarky opinions on both.