A new type of Android malware was discovered recently after it physically harmed a phone. Researchers from Kaspersky...
Lab are calling it a jack-of-all-trades because it can perform a variety of malicious activities. What are these activities, and what steps can users take to avoid this type of attack?
Cyberattacks that cause unintended physical damage to devices are less common than typical cyberattacks, and they are often detected only as a result of that damage. For standard functionality, cyberattacks use well-known software development best practices, such as using modular development and incorporating known working libraries, as this lowers the development costs and can maximize profits for the attacker.
Kaspersky Lab found a piece of malware -- named Trojan.AndroidOS.Loapi -- that meets that criteria and is considered a jack-of-all-trades for its diverse functionality.
Trojan.AndroidOS.Loapi malware has a modular architecture and, after two days of analysis, caused a phone to overheat and the phone cover to deform. Unlike when a Samsung Galaxy Note 7 previously caught fire, if your phone or laptop overheats, there is probably suspicious activity occurring that you should investigate.
For example, Trojan.AndroidOS.Loapi has modules for displaying ads, sending SMS messages, web crawling to subscribe the user to for-fee services, a proxy module to turn the device into a web proxy and the ability to mine Monero. The SMS module has several uses as a part of the command-and-control connection and spreads the malware along with generic capabilities to use SMS messages.
Kaspersky reports that the malware is installed by opening malicious URLs to install apps from SMS messages and through advertising campaigns. Because the malware isn't distributed through the Google Play Store, you can prevent infection by only installing apps from the Play Store. In addition, an endpoint security tool may help stop malicious applications.
Ask the expert:
Have a question about enterprise threats? Send it via email today. (All questions are anonymous.)
Dig Deeper on Mobile application security best practices
Related Q&A from Nick Lewis
The Qihoo 360 Core Security team found a Microsoft vulnerability -- named Double Kill -- that affects applications via Office documents. Learn how ... Continue Reading
IBM X-Force found MnuBot -- a new banking Trojan -- manipulating C&C servers in an unusual way. Learn how this is possible and how this malware ... Continue Reading
Researchers at Trend Micro found a new strain of malware -- dubbed FacexWorm -- that targets users via a malicious Chrome extension. Discover how ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.