Android device shutdown hijacking software appears in China

Android device shutdown hijacking software appears in China

[[127995]]

Antivirus company AVG recently discovered an Android malware called "PowerOffHijack" that works in a unique way: it hijacks the shutdown process. PowerOffHijack makes your phone look like it is turned off, and then snoops on your phone.

In other words, when you press the power off button, your device does not actually shut down. Although you still see the shutdown screen and the screen turns black, your phone or tablet is actually on.

When your Android device is in this state, PowerOffHijack will make phone calls, take photos, and "perform other tasks without the user's knowledge."

Here’s how this Android malware hijacks your computer:

First, it gains root privileges.

Then, after gaining root privileges, the malware injects itself into the system_server process and hijacks the mWindowManagerFuncs object.

Then, when you press the power button, a fake dialog box will appear. If you choose to shut down, it will show a fake shutdown screen with the screen off but the phone on.

Finally, in order to make your phone look like it is really turned off, some system broadcast services are also hijacked.

Here is the code for PowerOffHijack to record the call:

Here is the code that PowerOffHijack uses to send a private message:

While AVG has published numerous reports describing how PowerOffHijack hijacks the shutdown process, there is little information about the software itself. AVG did not explain how they discovered the malware, nor how it got onto Android devices. The fact that the software requires root access means it won't just access your phone while you're browsing the web.

Most Android malware enters Android devices when users install suspicious apps from third-party app stores.

"We found that this malware targets Android systems below 5.0, it requires root privileges, and so far we have found about 10,000 devices infected, mostly in China because it first appeared in China. We see it spreading in the Chinese app market," an AVG spokesperson told reporters.

<<:  Apple releases second beta of iOS 8.3 to developers

>>:  Cortana UI is like this now, why don’t you chat with it?

Recommend

How to plan activities and increase user growth?

Overview: 1. What is operation? 2. Set goals 3. M...

Are mini vegetables more nutritious than regular vegetables?

Rumor: Mini vegetables are newly cultivated veget...

The "Pumpkin Lantern" exploded 150 million kilometers away

Various Jack-o'-Lanterns are symbols of tradi...

Ruthless Nokia: Employee was fired for absenteeism after attending funeral

Mr. Wan, an employee of Nokia Communication Syste...

Dating and marriage: mathematics can help you find the best partner

Lovers will eventually marry. When we choose blin...

No idea for APP promotion? One map helps you get all channels! (Super complete)

Everyone working in the Internet industry knows t...

Many people don’t know all these things about wine!

Autumn is the season for grape harvest. Grapes ca...

How to plan a successful fission marketing process design?

Fission marketing is actually somewhat similar to...

How much does it cost to produce the Heihe Lighting Mini Program?

WeChat Mini Program is an application that users ...

12 Ways to Attract New Customers in the Education Industry

Regardless of the industry, attracting new custom...

Lock in the bull's IPOs in Hong Kong to make steady profits

Introduction to the practical course resources fo...