Android device shutdown hijacking software appears in China

Android device shutdown hijacking software appears in China

[[127995]]

Antivirus company AVG recently discovered an Android malware called "PowerOffHijack" that works in a unique way: it hijacks the shutdown process. PowerOffHijack makes your phone look like it is turned off, and then snoops on your phone.

In other words, when you press the power off button, your device does not actually shut down. Although you still see the shutdown screen and the screen turns black, your phone or tablet is actually on.

When your Android device is in this state, PowerOffHijack will make phone calls, take photos, and "perform other tasks without the user's knowledge."

Here’s how this Android malware hijacks your computer:

First, it gains root privileges.

Then, after gaining root privileges, the malware injects itself into the system_server process and hijacks the mWindowManagerFuncs object.

Then, when you press the power button, a fake dialog box will appear. If you choose to shut down, it will show a fake shutdown screen with the screen off but the phone on.

Finally, in order to make your phone look like it is really turned off, some system broadcast services are also hijacked.

Here is the code for PowerOffHijack to record the call:

Here is the code that PowerOffHijack uses to send a private message:

While AVG has published numerous reports describing how PowerOffHijack hijacks the shutdown process, there is little information about the software itself. AVG did not explain how they discovered the malware, nor how it got onto Android devices. The fact that the software requires root access means it won't just access your phone while you're browsing the web.

Most Android malware enters Android devices when users install suspicious apps from third-party app stores.

"We found that this malware targets Android systems below 5.0, it requires root privileges, and so far we have found about 10,000 devices infected, mostly in China because it first appeared in China. We see it spreading in the Chinese app market," an AVG spokesperson told reporters.

<<:  Apple releases second beta of iOS 8.3 to developers

>>:  Cortana UI is like this now, why don’t you chat with it?

Recommend

QQShare: How did an unknown app in China become a national app in India?

[[167125]] In China, not many people know Yan Fei...

Code to handle iOS horizontal and vertical screen rotation

1. Monitor screen rotation direction When dealing...

Buying a Tesla for the price of an Accord? It's not a pipe dream

As expected, Tesla will release the much-anticipa...

How to do EDM marketing? Here is a complete guide to promotion

EDM marketing is now used by many product operati...

Lenovo takes the lead: Can Challenger Motorcycle be reborn?

[[127123]] Dong Jun At 3 pm on February 26, 2015,...

The underlying logic of product planning from 0-1!

Make product strategy and brand strategy. Some pe...

B station product analysis!

At the just-concluded 9th China Internet Audiovis...

Free as a fish! All humans need to survive in the ocean is a gill?

Your browser does not support the video tag Autho...