Expand / Collapse search
Watch TV
Menu

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.

Tech

This Android malware can overheat and warp your phone

By PCmag
Published | Updated
Android logo

File photo - A 3D printed Android logo is seen in front of a displayed cyber code in this illustration taken March 22, 2016. (REUTERS/Dado Ruvic/Illustration)

Security researchers have spotted a strain of Android malware that can physically damage your phone.

The Loapi malware does so by maxing out the processor's computing power, and overheating your device. On Monday, security researchers at Kaspersky Lab posted pictures of the malware causing a test phone's battery to bulge after a two-day period.

The overheating comes from the malware's ability to secretly mine a virtual currency called Monero and deposit the funds to the hackers. The constant mining will both hog the CPU resources and force it to overwork.

Hackers have been dressing up the Loapi malware as fake Android apps that pretend to offer antivirus protection or pornographic content.

More From PCmag

Once installed, the malware will persistently ask for administrative privileges until the user agrees. From there, it'll masquerade as an antivirus product or hide itself away from the smartphone's menu.

The Loapi malware is quite nasty. It will fight off attempts to revoke device manager privileges by locking the screen, closing the settings window, or threatening to wipe the phone's memory. The malware will even flag legitimate antivirus apps as malicious, and recommend that the user remove them.

The Loapi malware was also designed with a whole range of capabilities. Not only can it mine cryptocurrency, but it can also fill the phone with ads, use the device to launch a distributed denial-of-servce (DDoS) attack, and take control over the phone's SMS messages.

"We've never seen such a 'jack of all trades' before," the security researchers wrote in their Monday blog post.

The researchers spotted Loapi-loaded apps advertised online, but not on the official Google Play Store. Their blog post contains the 19 different domains where the apps have been hosted.

Security experts also advise that users stay away from unofficial app stores for their tendency to host software loaded with malware.

This article originally appeared on PCMag.com.