From a9e5cff50f09d4272128637ebdcbc6ea3425ae8f Mon Sep 17 00:00:00 2001
From: Deborah Servili <deborah.servili@gmail.com>
Date: Tue, 19 Dec 2017 08:56:39 +0100
Subject: [PATCH] update Android galaxy

---
 clusters/android.json | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/clusters/android.json b/clusters/android.json
index 2a745da..4392f4b 100644
--- a/clusters/android.json
+++ b/clusters/android.json
@@ -3749,9 +3749,27 @@
           "SMSLocker"
         ]
       }
+    },
+    {
+      "value": "Loapi",
+      "description": "A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse. Discovered by Kaspersky Labs, researchers say Loapi appears to have evolved from Podec, a malware strain spotted in 2015.",
+      "meta": {
+        "refs": [
+          "https://www.bleepingcomputer.com/news/security/android-malware-will-destroy-your-phone-no-ifs-and-buts-about-it/"
+        ]
+      }
+    },
+    {
+      "value": "Podec",
+      "description": "Late last year, we encountered an SMS Trojan called Trojan-SMS.AndroidOS.Podec which used a very powerful legitimate system to protect itself against analysis and detection. After we removed the protection, we saw a small SMS Trojan with most of its malicious payload still in development. Before long, though, we intercepted a fully-fledged version of Trojan-SMS.AndroidOS.Podec in early 2015.\nThe updated version proved to be remarkable: it can send messages to premium-rate numbers employing tools that bypass the Advice of Charge system (which notifies users about the price of a service and requires authorization before making the payment). It can also subscribe users to premium-rate services while bypassing CAPTCHA. This is the first time Kaspersky Lab has encountered this kind of capability in any Android-Trojan.",
+      "meta": {
+        "refs": [
+          "https://securelist.com/sms-trojan-bypasses-captcha/69169//"
+        ]
+      }
     }
   ],
-  "version": 3,
+  "version": 4,
   "uuid": "84310ba3-fa6a-44aa-b378-b9e3271c58fa",
   "description": "Android malware galaxy based on multiple open sources.",
   "authors": [