A new type of Android malware was discovered recently after it physically harmed a phone. Researchers from Kaspersky...
Lab are calling it a jack-of-all-trades because it can perform a variety of malicious activities. What are these activities, and what steps can users take to avoid this type of attack?
Cyberattacks that cause unintended physical damage to devices are less common than typical cyberattacks, and they are often detected only as a result of that damage. For standard functionality, cyberattacks use well-known software development best practices, such as using modular development and incorporating known working libraries, as this lowers the development costs and can maximize profits for the attacker.
Kaspersky Lab found a piece of malware -- named Trojan.AndroidOS.Loapi -- that meets that criteria and is considered a jack-of-all-trades for its diverse functionality.
Trojan.AndroidOS.Loapi malware has a modular architecture and, after two days of analysis, caused a phone to overheat and the phone cover to deform. Unlike when a Samsung Galaxy Note 7 previously caught fire, if your phone or laptop overheats, there is probably suspicious activity occurring that you should investigate.
For example, Trojan.AndroidOS.Loapi has modules for displaying ads, sending SMS messages, web crawling to subscribe the user to for-fee services, a proxy module to turn the device into a web proxy and the ability to mine Monero. The SMS module has several uses as a part of the command-and-control connection and spreads the malware along with generic capabilities to use SMS messages.
Kaspersky reports that the malware is installed by opening malicious URLs to install apps from SMS messages and through advertising campaigns. Because the malware isn't distributed through the Google Play Store, you can prevent infection by only installing apps from the Play Store. In addition, an endpoint security tool may help stop malicious applications.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Mobile application security best practices
Related Q&A from Nick Lewis
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading