'Loapi' Cryptocurrency Mining Malware Is Causing Phone Batteries To Bulge (newsweek.com)

← Back to Stories (view on slashdot.org)

'Loapi' Cryptocurrency Mining Malware Is Causing Phone Batteries To Bulge (newsweek.com)

Posted by BeauHD on Tuesday December 19, 2017 @10:00AM from the too-hot-to-handle dept.

An anonymous reader quotes a report from Newsweek: Security researchers have discovered a new form of powerful malware that secretly mines cryptocurrency on a person's smartphone, which can physically damage the device if it is not detected. Researchers from the Russia-based cybersecurity firm Kaspersky investigated the malware, dubbed Loapi, which they found hiding in applications in the Android mobile operating system. The malware works by hijacking a smartphone's processor and using the computing power to mine cryptocurrency -- the process of confirming cryptocurrency transactions by completing complex algorithms that generate new units of the currency. Loapi physically broke a test phone used to study the malware, after two days of the device being infected with it. "Because of the constant load caused by the mining module and generated traffic, the battery bulged and deformed the phone cover," the Kaspersky blog states.

28 of 55 comments (clear)

Min score:

Reason:

Sort:

Phone problem, not really malware's fault by dunkindave · 2017-12-19 10:15 · Score: 5, Insightful

In all fairness, if using the phone extensively can cause the battery to bulge, then that is a problem with the phone's or battery's design. The fact it is made more likely to occur by the malware doesn't change that the phone's design is flawed.
1. Re:Phone problem, not really malware's fault by torkus · 2017-12-19 10:24 · Score: 2
  
  Agreed. Even under heavy use a phone should reach thermal equilibrium in 15-20 min...with no parts getting any hotter then they already are...and that should be within the design temp for the device and battery.
  Now, if this test phone broke because they let it run for two days and during which it was subject to temp fluctuations (such as the sun coming through a window and cooking the phone) then this isn't especially news beyond 'battery failing as intended during extreme heating'
  I have to wonder though - how much can you really mine from phone CPU and GPU? I guess if you have infected millions of them...but phones are generally harder targets than computers and have much, much less processing capacity.
  
  --
  You can get rich if you own a politician, but you have to be rich to buy one in the first place.
2. Re:Phone problem, not really malware's fault by Hal_Porter · 2017-12-19 10:30 · Score: 3, Insightful
  
  Batteries swell when they worn out. And they wear out faster at higher temperature.
  https://www.newscientist.com/a...
  Something like cryptocurrency mining will max out the CPU, which will draw more power which increase temperature.
  Lithium ion batteries are basically consumables and need to be user replaceable. Sadly most electronics seems to be moving in the direction of non user replaceable batteries which makes it consumable too.
  If it's a $20 pair of Bluetooth headphones I suppose it doesn't matter. If it's a $600 phone, I think it very much does.
  
  --
  echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
3. Re:Phone problem, not really malware's fault by 140Mandak262Jamuna · 2017-12-19 11:50 · Score: 1
  
  If it's a $20 pair of Bluetooth headphones I suppose it doesn't matter. If it's a $600 phone, I think it very much does.
  The phone makers agree with you, it matters. Where they differ is, you think it is bad and they think it is good.
  It means a steady supply of rubes who will line up to buy a new model every two years. Make it user replaceable, and these skinflint users, with absolutely no loyalty or gratitude or appreciation for the phone makers, continue to use the phone for three, four or even five years. Wall street demands performance every quarter. Miss the wall street whisper numbers, thats it, they punish the stock, the price does not hit the trigger points, and stock options and bonuses dont get awarded, it is catastrophic.
  And here you go crabbing about some user saving a few hundred dollars.... Tell me, in the bigger scheme of things, which is bigger, 600$ or several hundred million dollar bonuses?
  
  --
  sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
4. Re:Phone problem, not really malware's fault by Hal_Porter · 2017-12-19 12:20 · Score: 2
  
  Yeah, pretty much. I found an interesting article on Motley Fool about cell phone replacement cycles
  https://www.fool.com/investing...
  Apple and Samsung are pushing to shorten them to sell more phones and non replaceable batteries, slowing the phone with each upgrade and moving to people where they replace each year is a way to do that. Meanwhile Americans tend to keep their phones longer and longer, probably because they're pissed off that phones are being increasingly defeatured.
  
  --
  echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
5. Re:Phone problem, not really malware's fault by drinkypoo · 2017-12-19 16:14 · Score: 1
  
  Meanwhile Americans tend to keep their phones longer and longer, probably because they're pissed off that phones are being increasingly defeatured.
  Nah, it's the same thing that happened to desktops. The phones are fast enough for all the stuff they want to do on them already.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
6. Re:Phone problem, not really malware's fault by Hal_Porter · 2017-12-19 21:53 · Score: 1
  
  I used to look forward to getting a new phone, these days I put off as long as I can.
  
  --
  echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
7. Re:Phone problem, not really malware's fault by thegarbz · 2017-12-20 00:03 · Score: 1
  
  Batteries swell when they worn out. And they wear out faster at higher temperature.
  If they do this in 2 days then it is still a phone design flaw.
LOL, flawed hardware! by evanh · 2017-12-19 10:21 · Score: 2

The phone's designers need shot for that one. You can complain about the software flattened the battery but not for setting the battery alight.
It's like someone playing a game then complaining the game makes the laptop overheat. Same story, the hardware combination is the problem, not the program running on it.
1. Re:LOL, flawed hardware! by Calydor · 2017-12-19 11:19 · Score: 2
  
  There is one thing you should consider, though.
  There is no phone on the market that can run at 100% CPU use for two days without being plugged in.
  If your phone runs at 100% CPU use for any kind of extended time, it gets HOT. Like, really painful-to-touch hot.
  If your phone gets this hot and you don't know why, you should shut it down and get it repaired.
  It lasts for two days under operating parameters that are so incredibly unlikely (if not considering malware of this sort, obviously) that the biggest complaint really should be that the phone doesn't automatically shut down, NOT that the battery physically can't take it.
  
  --
  -=This sig has nothing to do with my comment. Move along now=-
2. Re:LOL, flawed hardware! by AHuxley · 2017-12-19 12:28 · Score: 1
  
  Problems when using the device at 100% CPU/GPU at full battery should have been the first tests done with any generation of design.
  Does the device deal with the heat at the max settings and just use battery power normally.
  If that device can run at 100% gpu/cpu when powered then thats a total fail.
  
  --
  Domestic spying is now "Benign Information Gathering"
3. Re:LOL, flawed hardware! by drinkypoo · 2017-12-19 16:25 · Score: 1
  
  If your phone runs at 100% CPU use for any kind of extended time, it gets HOT. Like, really painful-to-touch hot.
  I've done a bit of android benchmarking, and this is not universally true.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Re:How much more negative stories do we need? by rmdingler · 2017-12-19 10:35 · Score: 1

Well, this is a way of driving the economy. All those bulged batteries will need a replacement.
The glazier's fallacy pretty much explains the failed logic of your contention.

--
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
Re:DIY Cryptocurrency Mining... by magarity · 2017-12-19 10:42 · Score: 1

Mining via a million unsuspecting phone owners beats any individual motherboard no matter how many slots.
Re:Cheap Android phones by rogoshen1 · 2017-12-19 10:43 · Score: 1

well no, the iPhone would throttle down to 486 dx2 speeds after a few minutes.. but hey, you'd be able to play commander keen pretty well.
Re:DIY Cryptocurrency Mining... by Fly+Swatter · 2017-12-19 10:45 · Score: 1

Your affiliate link is way overpriced, looks like it debuted at 200 - those laughable 3rd parties all want 300+. Anyone that buys that is a moron (and I base that on your intended purpose, not the price).
Re:DIY Cryptocurrency Mining... by Fly+Swatter · 2017-12-19 10:51 · Score: 1

I wonder how many of those golden bitcoins are actually made on stolen hardware? It would be an interesting statistic.
Not the Software's Fault by TheFakeTimCook · 2017-12-19 11:08 · Score: 1

The fact that the battery bulged is not the fault of the hideous, shitty cryptomining software; but rather the fault of the shitty CHARGING CIRCUIT (and/or shitty Battery) in the crappy (no doubt Android) PHONE that Kaspersky used in their testing.
Software not actually used in the CHARGING process CANNOT cause a battery to bulge.
TERRIBLE story.
So what they're saying here... by mark-t · 2017-12-19 11:17 · Score: 1

.... is that they've invented viagra for batteries?

--
File under 'M' for 'Manic ranting'
Poor Cellphone Design! by BrendaEM · 2017-12-19 11:36 · Score: 1

A properly designed cellphone should shut down or throttle to prevent overheating.

--
https://www.youtube.com/c/BrendaEM
1. Re:Poor Cellphone Design! by istartedi · 2017-12-19 20:24 · Score: 1
  
  Amen! Also, good system software on the phone should warn you that an app is consuming that much power. You might not feel the extra heat right away; but if you're not doing anything with your phone and you look at it and see a power consumption tile flashing like crazy then you'd be tipped off.
  
  --
  For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Re:How much more negative stories do we need? by sheramil · 2017-12-19 12:42 · Score: 1

Ban cryptocurrencies already. Look at the damage they do the environment.
Of COURSE! That's the answer - ban them! Because no bad people would continue to use them once they'd been banned, right?
Orly? by slashmydots · 2017-12-19 19:59 · Score: 1

Is it really the malware's fault or is it the idiot phone designers who didn't test or didn't care that the phone can't run at 100% CPU usage indefinitely without damage? Playing Pokemon Go could have caused the same effect.
Re:Sure hosts do & this is how... apk by IWantMoreSpamPlease · 2017-12-20 02:45 · Score: 1

Wouldn't it be easier to have a real website where this could be downloaded from, rather than relying on a random google search to some questionable site?
I mean really Alexander, how hard is it to create a website these days?

--
So rise up, all ye lost ones, as one, we'll claw the clouds.
Re:How much more negative stories do we need? by TheCastro1689 · 2017-12-20 04:34 · Score: 1

What you need to do is break rich people's stuff. They're hording money, and not spending it on anything.
Re:What's questionable about Start64.com? by IWantMoreSpamPlease · 2017-12-20 09:19 · Score: 1

"Shareware" sites like Start64 are blocked where I work. Self-hosted sites, are not.

--
So rise up, all ye lost ones, as one, we'll claw the clouds.
Re:LOL - "great rationale" (not)... apk by IWantMoreSpamPlease · 2017-12-20 22:22 · Score: 1

Take it to e.mail. I am a public servant (very easy to find)

--
So rise up, all ye lost ones, as one, we'll claw the clouds.
Re:"Public Servant"? Wageslave... apk by IWantMoreSpamPlease · 2017-12-22 04:48 · Score: 1

Goddamn you're a moron aren't you? No wonder you've been banned from all manner of websites (here, OS News, ArsTech, the list goes on). I started with a polite question, and you go all retard on me (and plenty of other people I've seen)
You're an adult (supposedly), act like one Alexander.

--
So rise up, all ye lost ones, as one, we'll claw the clouds.