Skip to content Skip to sidebar Skip to footer

Android Malware Physically Destroying Telephone Past Times Running Cryptocurrency Miner

Android Malware Physically Destroying Phone past times Running Cryptocurrency miner


Trojanized Android apps evolving quickly inwards play shop in addition to continuously targetting users a novel malware strain Trojan.AndroidOS.Loapi spotted consist of modular architecture which is capable of performing multiple attacks.



Security researchers from Kaspersky labs discovered the trojan dubbed “Loapi” which tin forcefulness out harm the telephone past times downloading a Monero mining module which generates a constant charge that makes the battery bulged in addition to damages the telephone cover.




How the Malicious files Distributed – Loapi
Loapi is non reached play store, they are distributed through advertising campaigns. It hides behind closed to Antivirus, adult content apps, researchers flora to a greater extent than than xx sources that distribute Loapi. Users are redirected to the attacker’s malicious website in addition to the file downloaded from there.

Once it installed it checks for the root permission, simply it doesn’t purpose root privileges, the applications proceed on trying to teach device administrator permissions.



Execution in addition to Self-Protection
Loapi if obtains admin permissions it performs diverse activities in addition to it won’t permit users to revoke the device director permissions past times using measure in addition to forcing users to uninstall legitimate Antivirus past times posing endless stream of popups.

First it downloads the malicious app file in addition to the minute phase the DEX payload which sends the device information to the C&C servers, amongst the 3rd phase the modules are downloaded in addition to initialized.

Modules Installed
Advertisement module: Involved inwards the progress of aggressive ads displaying.
SMS module: used inwards Sending requests to C&C
Web crawling module: used inwards Hidden Javascript execution
Proxy module: HTTP proxy server used to organize DDoS attacks
Mining Monero: Used to perform to perform Monero (XMR) cryptocurrency mining

Regarding the cryptocurrency mining, the malware apps are designed to mine Monero from the users’ devices. The researchers installed an Android app amongst Loapi trojan on a exam device. After ii days, the constant charge past times the mining module caused the battery to bulge in addition to harm the device physically.