Experts said that the malware, Loapi, a Trojan found in third-party applications, could cause a smartphone’s battery to swell out of its shell within two days.
Loapi is also used to exploit electronic money, launch DoS attacks, access text messages and connect to the web. It consists of at least 20 variants “blended” into anti-virus software and pornographic applications.
Upon installation, Loapi forces the user to authorize the device by turning on the window continuously until the victim clicks. Then it hides its logo or simulates antivirus activity to trick users into believing it to be legitimate.
By connecting to the remote control and command server (C & C), it sends a list of malicious code to the device. As such, it performs almost all the attack techniques from paid subscription services, sends SMS to any contact, generates traffic and jamming from online ads, uses the computing power of the device to “dig” electronic money as well as perform a series of other actions.
To regain control of the device, the user should lock the screen and effortlessly close the popup until it is completely removed from the app store.
Kaspersky Lab said: “We have never seen the battery bulge because of malicious code like this before. It seems to be a new version of Podec – a Trojan that is found in 2015. Use caution when it comes to downloading porn. ”
While Loapi is not available in the Google App Store, users still have to be wary because the trojan is constantly wandering through cybersecurity holes to attack the user.