Loapi mining malware could murder your mobile


This year’s surge in crypto interest has inevitably attracted a more sinister side: cybercrime. With newbie traders and hodlers flocking to the crypto scene, the number of exploits and vulnerabilities will increase, granting greater opportunities to hackers.

Browser mining is nothing new and has been around since 2013; however, it is getting more sophisticated. Just last week, malware was discovered embedded in Chrome extensions for Facebook Messenger. The most common software is Coinhive, which can be embedded into websites to start mining with readers’ computing power whenever they access the site. It runs surreptitiously in the background and leeches off the CPU, which slows the machine down considerably and causes additional wear and tear, not to mention the electricity consumption.

As smartphones have developed into handheld computers with multi-core processors and plenty of RAM, they too have become targets for cybercriminals and malware. Cybersecurity firm Symantec has reported a 34% increase in malicious mobile mining apps. Most of them are set to mine Monero because of its privacy and anonymity protocols.

Russian cybersecurity firm Kaspersky has discovered another form of mobile mining malware, called Loapi, which is even more sinister. Researchers ran the malware on a test phone in their lab to study it; however, after just two days the device had been destroyed:

“Because of the constant load caused by the mining module and generated traffic, the battery bulged and deformed the phone cover.”

Android users get infected via compromised adverts or fake content such as anti-virus products or adult apps. The Loapi Trojan will install itself and take administrator rights over the device, often masquerading as an anti-malware app itself. In addition to crypto mining, Loapi will plague the device with unwanted ads, sign up to paid subscriptions, use mobile bandwidth to launch DDoS attacks, and download additional modules. The Kaspersky blog went on to state:

“Samples of the Loapi family are distributed via advertising campaigns. Malicious files are downloaded after the user is redirected to the attacker’s malicious web resource. We found more than 20 such resources, whose domains refer to popular antivirus solutions and even a famous porn site”

The mining component is extremely demanding on the hardware, running the processor at 100% while it sends Monero profits to the attackers. This is one to look out for: if you notice your phone running slow or the battery getting hot, it could be infected. To protect yourself further, only download trusted apps from official app marketplaces, disable the ability to install apps from unknown sources, install only the apps you really need, and use proven and reliable AV apps from companies such as Symantec, Kaspersky, Malwarebytes, Avast, and Trend Micro.

 
