Malware Pretends to Shut Your Phone Down, Then Steals Your Data

Jeffrey


AVG, the internet security firm, has announced the discovery of a new piece of malware that is targeting Android smartphones.

The malware, known as PowerOffHijack, hijacks the shutdown process, making it appear that your rooted device has turned off. The device is not off. It just looks as if it is. Now, the malware starts stealing data.

Based on the way the malware operates, it's unlikely that users will be aware that the malware has infected their device. When powering down, users are presented with their regular shutdown animation, which makes it look as if the device is about to shut down as normal.

AVG states that the malware originated in China, where it is thought to have infected more than 10,000 devices.

For more info, head over to AVG where they posted snippets of the actual code.
 
I'll never look at shut downs or forced reboots the same way lol
 
So the only sure way to turn off one's phone is to do a battery pull now huh....(Yeah I can be paranoid)
 
So the only sure way to turn off one's phone is to do a battery pull now huh....(Yeah I can be paranoid)
Except those of us without removable batteries are stuck.
 
No, not true. There is no way to bypass the full hard shut down done by holding power and volume down for ten seconds.

It is a full hardware process and is completely dependent on the button combination to initiate a hardware countdown to a full power interrupt.

Sent from my Droid Turbo on Tapatalk.
 
Install AVG. Better safe than sorry.
 
Except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that.

Chris
 
Except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that.

Chris
I believe they did disclose it. Check the link above.
 
Except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that.

Chris

I believe they did disclose it. Check the link above.
From the AVG site as per the link:

"First seen in China, the malware spreads through Chinese app stores with around 10,000 devices infected so far.

The malware affects versions of Android older than v.5 (Lollipop) and requires root permission to hijack the shut down process."

And:

"Analysing the malware

First, it applies for the root permission.

Second, after root permission is acquired, the malware will inject the system_server process and hook the mWindowManagerFuncs object."

Sent from my Droid Turbo on Tapatalk.
 
This happened to me the other day with my Razr Maxx HD, and all I did was what FoxKat said: hold down the Off/On button and Volume down, and the phone rebooted just fine. Has not shut down since.
 
Install AVG. Better safe than sorry.

It can be avoided by not installing sketchy 3rd party apps. While the Play Store has had its fair share of infected apps, it is usually a pretty safe bet to get your apps from there.
 