• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • April 14th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Technology News
Google News

New Android Malware Spies on You even if Your Phone is Off

February 23rd, 2015 Waqas Android, Google News, Malware, Privacy, Security, Surveillance, Technology News 0 comments
New Android Malware Spies on You even if Your Phone is Off
Share on FacebookShare on Twitter

New Android malware transforms your Phone into a Spy while it is Off – New Android Malware threat has been discovered by prominent security firm AVG.

It is called PowerOffHijack and has a very distinct feature: it compromises the Android device’s shutdown process and spies on you.

Your phone will appear switched off to you but in reality it will be spying on you.

It happens so because the malware hijacks the shutdown system of your phone due to which the device doesn’t turn off when you hit the power-off button.

new-android-malware-spies-on-you-even-if-your-phone-is-off

You will see the actual shutdown animation and your smartphone or tablet’s screen will appear black as well, but the device will stay on.

In this state, the malware PowerOffHijack can easily make outgoing calls, capture images and perform several other tasks without the knowledge of the user.

How PowerOffHijack Works?

It involves a step-by-step process for hijacking the device and performing tasks.

  1. It requests for the root permission
  2. Once it has been acquired, the system_server process is injected with malware and the mWindowManagerFuncs object is hooked
  3. After hooking, when you press the power-off button, a fake dialog box will appear asking for confirmation and once you click Yes a fake shutdown animation will run
  4. The device’s screen will turn black, but it will be on
  5. To create a genuine impact the malware will hook some of the system broadcast services as well
Digging Deeper into the issue:

Although AVG extensively described the malware’s attack process in its report but other relevant details such as how the malware lands on the Android devices in the first place still remain a mystery.

This is what the security firm AVG’s spokesperson has to say about the latest malware issue:

“We see the malware targeting Android below 5.0 and require root permissions in order to hook. We found around 10,000 devices were infected so far, as it’s a fresh technique, and most of those were in China which is where it was first introduced. We see it being spread in the app market in China and it’s being offered through official app stores in that market.”

Since it is obvious that root permission is required, therefore, it is now clear that you cannot pick-up the malware from the web.

Usually, a majority of Android malware infect the device because users often install shady apps from third-party sources/app stores.

Google Play is most unlikely to propagate threats and most of these threats also require side-loading, which by default is disabled on Android devices.

AVG advises users to take the battery out to make sure that their device is really off and not just mimicking the switch off mechanism.

  • Tags
  • Android
  • AVG
  • Google
  • Malware
  • Privacy
  • security
  • Spying
  • Surveillance
Facebook Twitter LinkedIn Pinterest
Previous article Protecting Your Smartphone From Government Spies amid NSA SIM Hack
Next article OpSaudi: Hackers Shutdown Saudi ''Arab National Bank'' website
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

6-year-old Moodle flaw exposed millions to account takeover attack

6-year-old Moodle flaw exposed millions to account takeover attack

Scraped data of 1.3 million Clubhouse users published online

Scraped data of 1.3 million Clubhouse users published online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera
Security

Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera

ShinyHunters dump partial database of broker firm Upstox
Hacking News

ShinyHunters dump partial database of broker firm Upstox

6-year-old Moodle flaw exposed millions to account takeover attack
Security

6-year-old Moodle flaw exposed millions to account takeover attack

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us