Loapi is a modular malware that exploits the smartphone to generate virtual coins and to activate paid subscriptions without the user's knowledge
It's called Loapi and it's the new Android malware discovered by Kaspersky labs. The virus is hidden inside some adult applications or in cybersecurity solutions of your smartphone. These are applications that are not present in the Google Play Store and this should already make users suspicious.
The malware is a real danger for users' smartphones. The reason is very simple: compared to classic single-function viruses, Loapi has a modular architecture capable of making the device perform multiple functions at once. For example, Loapi can use the computing power of the device to mine cryptocurrencies, or it can sign the user up for subscription services. Or even use the smartphone to carry out DDoS attacks. And all these actions can even be carried out simultaneously, depending on the power of the smartphone. This is the first time an Android virus has been discovered that is capable of carrying out all these actions.
How Loapi works
Before analyzing the structure of Loapi, it is necessary to understand how the malware manages to infiltrate the user's smartphone. The virus is distributed through advertising campaigns that promote the installation of antivirus systems and adult apps. Once the application is installed, the malware asks for administrator rights and when it gets them, it takes control of the smartphone. At this point, it starts communicating with the hackers' servers and installs all the various modules it needs to function at its best. The adware module continuously displays malicious advertisements on the smartphone's screen, while the SMS and web crawler module work together to sign the user up for subscription services and make payment SMS disappear before the person can read them. The proxy module, on the other hand, is used by hackers to exploit the device for DDoS attacks. Finally, there is a module to use the power of the smartphone to mine cryptocurrencies, specifically Monero. All in favor of hackers.
A virus that protects itself
In addition to developing a modular virus, hackers have also managed to make it unhackable. If you try to uninstall one of the infected applications, Loapi blocks the operation. And not only that. It is also capable of recognizing antivirus and sends a notification to the user warning him that the defense application might cause problems to the smartphone, inviting him to uninstall it. Il messaggio per la rimozione viene inviato in continuazione fino a quando l’utente non decide di disinstallare l’antivirus.
Oltre a causare tutti questi problemi, il virus surriscalda enormemente lo smartphone fino a poter deformare la batteria, mettendo in pericolo anche la salute delle persone.
Come difendersi dal virus Loapi
Come detto in precedenza, eliminare il malware Android dal proprio dispositivo è quasi impossibile. Ma per difendersi dal virus Loapi è possibile prevenire l’infezione dello smartphone. Come fare? Semplice, seguendo delle semplici regole.
- Non bisogna mai installare applicazioni all’infuori del Google Play Store. Nella maggior parte dei casi le app presenti su store di terze parti sono infettate dai virus
- Aggiornare lo smartphone all’ultima versione disponibile dell’antivirus
- Installare sistemi di difesa come gli antivirus. Ce ne sono di ottimi anche gratuiti.