DroidForums.net | Android Forum & News


Malware Pretends to Shut Your Phone Down, Then Steals Your Data

Jeffrey


AVG, the internet security firm, has announced the discovery of a new piece of malware that is targeting Android smartphones.

The malware, known as the PowerOffHijack, hijacks the shutdown process, making it appear that your rooted device has turned off. The device is not off. It just looks as if it is. Now, the malware starts stealing data.

Based on the way the malware operates, it's unlikely that users will be aware that the malware has infected their device. When powering down, users are presented with their regular shutdown animation, which makes it look as if the device is about to shut down as normal.

AVG states that the malware originated in China, where it is thought to have infected more than 10,000 devices.

For more info, head over to AVG where they posted snippets of the actual code.
 
So the only sure way to turn off one's phone is to do a battery pull now huh....(Yeah I can be paranoid)
 
No, not true. There is no way to bypass the full hard shut down done by holding power and volume down for ten seconds.

It is a full hardware process and is completely dependent on the button combination to initiate a hardware countdown to a full power interrupt.

Sent from my Droid Turbo on Tapatalk.
 
except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that

Chris
 
except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that

Chris
I believe they did disclose it. Check the link above.
 
except the only way to get this is to be rooted, and download some very sketchy Chinese apps from a 3rd party app store! Funny how AVG declined to tell you that

Chris

I believe they did disclose it. Check the link above.
From the AVG site as per the link;

"First seen in China, the malware spreads through Chinese app stores with around 10,000 devices infected so far.

The malware affects versions of Android older than v.5 (Lollipop) and requires root permission to hijack the shut down process."

And;

"Analysing the malware

First, it applies for the root permission.

Second, after root permission is acquired, the malware will inject the system_server process and hook the mWindowManagerFuncs object."

Sent from my Droid Turbo on Tapatalk.
 
This happened to me the other day with my Razr Maxx HD and all I did was what FoxKat said: hold down the Off/On button & Volume down and the phone rebooted just fine. Has not shut down since.
 