Last year’s Samsung Galaxy Note 7 would have been grand had it not turned into a deadly weapon. This year, however, you don’t need to buy such an expensive (not to mention no longer available) product to have an incendiary device in your bag or pocket. You simply need to get your Android phone infected by this new Loapi Trojan, formally Trojan.AndroidOS.Loapi and, before long, your phone could become smoking hot, literally. In all seriousness, however, this malware represents a new and downright worrying trend that could threaten not just smartphones but users’ safety as well.
To be fair, though it doesn’t deserve fairness, Loapi isn’t designed to physically harm your Android device. In general, it simply gets admin access in order to do a variety of harmful things. It is what’s being billed as a jack of all trades since it can do almost anything once it gains those rights, like serve up incessant ads, sign you up for paid subscriptions, and install other modules.
Making matters worse is that Loapi behaves like Skynet from Terminator, protecting itself from any attempts to destroy it. Once installed, it will nag you to give it admin privileges. If you try to remove those permissions, it will lock the screen and kick you out. If you install an honest to goodness security app, it will label those as malware and nag you to remove them.
So how do you get infected in the first place? The usual social engineering methods of clicking on suspicious ads, visiting shady websites, or installing apps from unverified sources. They say prevention is better than cure, and this is definitely one of those situations. You could also install some antivirus software. Naturally, Kaspersky recommends its own, but any reputable and trustworthy app would also do. Just download them from Google Play Store, of course.