New Android malware pretends to shut down your phone, then steals data

11

Internet security firm AVG has announced the discovery of a new piece of malware that is targeting Android smartphones.

The malware, which is known as the PowerOffHijack malware (catchy) hijacks the shutdown process off the device, making it appear that the device is turned off. However, the device isn’t off and is just made to look like that, which is when the malware starts stealing data from the user.

Due to the way the malware operates, it will be unlikely that users will even be aware that the malware has infected their device. Upon trying to turn their Android phone off, users are presented with their regular shutdown animation displayed on screen, which looks for all intents and purposes that it is about to shut down as normal.

However, the device is actually still on and it during this time that the malware starts stealing data, as well as performing all manner of other tasks, including initiating outgoing calls and taking photos.

The Android malware works by acquiring root permission of the device in order to insert a malicious code which hijacks the shutdown process.

Once the malicious code is active in the device, it initiates the fake shutdown once the power button is pressed.

A post on the AVG blog states that the malware originated in China where it is thought to have infected more than 10,000 devices. AVG also claims that the malware only affects Android devices running versions older than Android Lollipop (v5.).

The good news for Android users is that this malware isn’t in Google’s Play Store.

In order to combat the Android malware until a security patch has been officially released, AVG recommends users remove the battery from their phone so that the phone is completely without power.

News of the PowerOffHijack malware should also act as a reminder to Android users to avoid downloading third party apps from unknown sources or from outside of the Google Play Store. Users should also make sure they antivirus or mobile security software installed on their Android device.

Related: Top 5 Anti-Virus Apps for Android

Source: AVG

Share.

11 Comments

  1. Stone Skull on

    I can’t take the battery out of my phone.. What a stupid solution suggestion.

  2. Lollipop is malware. Never before has my Nexus 7 tablet said System Process not responding, until I installed Lollipop. Slow, sluggish, screen in Chrome goes black, videos take over. Horrible. Why worry about malware when the OS is so slow?

  3. same issue until I did a factory reset to have a fresh os after update.

  4. Hardeep Singh on

    It is serious to learn that there are everyday issues lying under Android. These issues and security flaws can be remediated only when the developers realize the value of safe usage, get their apps tested and scanned for security, before throwing it off directly to the users.
    The explosive growth of mobile apps has created an industry of app development where time-to-market is everything. Security has suffered often and, very publicly, insecure apps have leaked payment, banking, and other sensitive user data, to the embarrassment of major brands.

    We at Appknox (http://www.appknox.com/) offer peace of mind to brand owners & the developers by doing regular security audits of their work, and alerting them to new vulnerabilities as they arise.

  5. Hardeep Singh on

    It is serious to learn that there are everyday issues lying under Android. These issues and security flaws can be remediated only when the developers realize the value of safe usage, get their apps tested and scanned for security, before throwing it off directly to the users.
    The explosive growth of mobile apps has created an industry of app development where time-to-market is everything. Security has suffered often and, very publicly, insecure apps have leaked payment, banking, and other sensitive user data, to the embarrassment of major brands.

    We at Appknox (http://www.appknox.com/) offer peace of mind to brand owners and the developers by doing regular security audits of their work, and alerting them to new vulnerabilities as they arise.

  6. Let me put it this way: my Nexus 7/Kit Kat had the same apps as Lollipop.

    Even after a factory reset, the keyboard input in Chrome is waaaay slow.

    And never before Lollipop did I ever get a The System OS is not responding, would you like to close it?

    This would indicate some major bugs in the OS introduced in Lollipop. You can look it up. I’m not the only one to notice…

  7. Pingback: How secure is Android?

  8. Pingback: How to keep your Android device secure and free from malware