Researchers at Kaspersky Labs have discovered a new Android Trojan dubbed Loapi that has a modular architecture designed to conduct multiple malicious activities.
Users can infect their devices with the malware by clicking on an ad banner and downloading a fake AV or adult-content app.
Loapi will then attempt to gain admin rights to the device with repeated, annoying messages to get the frustrated user to click on OK.
This “jack of all trades” trojan includes the ability to mine cryptocurrencies, sign up for paid subscriptions, annoy users with constant ads, launch DDoS attacks from the infected device and more.
According to the report, the activity can cause damage to your phone, such as overheat the battery after just 48 hours after Loapi infection.
Users can further protect themselves by only downloading apps from trusted sources like Google Play, install AV for Android and also disable the installation of apps from unknown sources for added security, to name a few.