With all these smart devices popping up here and there like mushrooms, not to mention all the malware, trojans, viruses, etc., that you can get. One can't blame a person from being paranoid of having their data and identity stolen from them.
Some paranoid people cover their webcams with paper or plasters so that other people can spy on them. Others put complicated passwords or patterns on their smart devices in case they lost their smartphones. "Well, how about turning off my devices while I sleep? That should keep spies away from me and my devices.". If you think you're safe with that, think again.
There is now a malware, named Android/PowerOffHijack(how fitting), that tricks users into thinking that they've already turned off their devices. But in fact, their device is still turned on and very much active. It is said to have been first seen in China's third party play stores and have infected over 10,000 devices so far. This malware afftects Android versions below 5.0(Lollipop version) and requires root permission to hijack the shutdown process.
How does that work?
Whenever the user decides to turn off their device, the malware displays a fake shutdown dialog box onscreen. The malware will also imitate the infected device's shutdown animation and make it seem like the device is turned off. It will then run amok inside the infected device, doing malicious actions such as stealing data and information from the user.
Let's get technical!
Once the malware has been installed, it will ask the user to grant them root-level permissions then edits the 'system_server' file in order to affect the shutdown process of the infected device which uses the mWindowManagerFuncs object.
What else does PowerOffHijack do besides making it seem like my device is turned off?
PowerOffHijack also has the ability to send out a lot of premium-rate SMS messages. It could even call premium-rate numbers(even expensive overseas numbers), use the infected device's camera to take photos and perform many other tasks even if the infected device is supposedly turned off.
Article Refs: http://www.pandasecurity.com/mediacenter/malware/new-threats-for-android-phones-how-do-they-work-beware-of-your-battery/, http://thehackernews.com/2015/02/poweroffhijack-android-malware.html and http://now.avg.com/malware-is-still-spying-on-you-after-your-mobile-is-off/
No comments:
Post a Comment