Security researchers receive got unearthed a novel Android Trojan that tricks victims into believing they receive got switched their device off piece it continues "spying" on the users' activities inward the background. So, side past times side fourth dimension endure real certain piece you lot plough off your Android smartphones.
The novel Android malware threat, dubbed PowerOffHijack, has been spotted in addition to analyzed past times the researchers at the safety draw of piece of occupation solid AVG. PowerOffHijack because the nasty malware has a real unique characteristic - it hijacks the shutdown procedure of user’s mobile phone.
MALWARE WORKS AFTER SWITCHING OFF MOBILES
When users presses the might push clit on their device, a mistaken dialog box is shown. The malware mimics the shutdown animation in addition to the device appears to endure off, but genuinely remains on, giving the malicious plan liberty to motility around on the device in addition to bag data.
"After pressing the might button, you lot volition encounter the existent shutdown animation, in addition to the telephone appears off. Although the covert is black, it is even then on," AVG’s mobile malware query squad explained inward a blog post. "While the telephone is inward this state, the malware tin hand notice brand outgoing calls, receive got pictures in addition to perform many other tasks without notifying the user."
HOW DOES POWEROFFHIJACK MALWARE WORKS ?
Once installed, the malware asks for root-level permissions in addition to tampers alongside the 'system_server' file of the operating organization to deport on the shutdown process. The malware especially hijacks the mWindowManagerFuncs interface, then that it tin hand notice display a mistaken shutdown dialog box in addition to animation every fourth dimension the victim presses the might button.
The nasty malware is plainly existence propagated via third-party online app stores, but the researchers haven't mentioned the names of the the innocent-looking apps, every bit good they haven’t explained how the malware gains the source access of the device. The code shown past times AVG appears to contact Chinese services.
USERS AND ANDROID VERSIONS INFECTED
According to the company, PowerOffHijack malware infects devices running Android versions below 5.0 (Lollipop) and requires source access to perform the tasks.
So far, PowerOffHijack malware has already infected more than 10,000 devices, to a greater extent than ofttimes than non inward Red People's Republic of China where the malware was get-go introduced in addition to offered through the local, official app stores.
PowerOffHijack malware has might to silently transportation lots of premium-rate text messages, brand calls to expensive overseas numbers, receive got photos in addition to perform many other tasks fifty-fifty if the telephone is supposedly switched off.
EASY STEPS TO GET RID OF POWEROFFHIJACK
In gild to larn rid of PowerOffHijack malware, users are advised to receive got some unproblematic steps:
In gild to larn rid of PowerOffHijack malware, users are advised to receive got some unproblematic steps:
- To restart infected device manually only receive got out the battery.
- Remove malicious, untrusted in addition to useless apps from your Android device.
- Do non install apps from 3rd Party app stores.
- Make certain you lot receive got a expert anti-virus installed in addition to updated on your mobile devices. AVG antivirus production tin hand notice discovery PowerOffHijack malware.