Loapi Android Malware Could Destroy Your Device
Loapi is a new Android malware variant that appears to have evolved from the Podec Android malware. Loapi has a sophisticated modular structure and components for a variety of functions, including: mining the Monero cryptocurrency, downloading and installing additional apps, launching DDoS attacks, and injecting ads in the notification area, among others. The cryptocurrency mining function causes the device to overheat and overwork the phone’s components, causing the battery to bulge and the phone’s cover to deform. Loapi is found hidden in antivirus or adult-themed apps advertised on third-party app stores. The apps inundate users with pop-ups until the user provides it with administrative rights and allows it to uninstall legitimate antivirus apps from the device. To maintain persistence, the malware will close the Settings window if the user attempts to deactivate its administrator account and, if the user attempts to install an app that could detect the malware's presence, Loapi will display a fraudulent message on the screen claiming it detected malware and prompts the user to delete the app. Users will have to boot their device in Safe Mode to remove Loapi-infected apps. The NJCCIC recommends users and administrators of Android devices review the Securelist report on Loapi, run a reputable antivirus application on all devices, avoid downloading apps that require excessive device permissions, and refrain from downloading any apps from third-party, unofficial app stores.