New Android Malware Spies On You Even When Phone Is Off

If you thought you could keep malware at bay by switching off your smartphone, you better give reconsider that.

If the latest report by AVG is to be believed, a new sort of virus ‘Android/PowerOffHijack’ has surfaced that preys on Android gadgets even when they have been switched off. Infact, it may seem that you have switched them off but that is not entirely true.

It is important to note that for the malware to affect your device, it depends on two factors. Firstly, the Android device has to run any Android variant earlier than Android 5.0 Lollipop. As you might be aware, that accounts for a majority of Android devices out there. However, the other pre-requisite is for the device to be rooted that is not as common across Android devices despite it being a popular choice.

The malware hijacks powering off process, making it look like phone is off but only turning off display

As for the way this malware works, it takes over the shutdown operation of the device only to fool the user into thinking that the device has powered off once it’s shut down. In essence, it’s only allowing the user to turn off the display at that point. It handles the rest quite cleverly by letting the phone receive calls and messages but without letting the owner of the device be alerted. It can even make calls, send messages and take photos in the meanwhile.

If you are interested in knowing the detailed technicalities as to how the malware is triggered with the power button, you may read up AVG’s version here. Until we have a proper fix for this, you might want to consider taking out the battery to really make sure your device is switched off. Afterall, it’s always better to be safe than sorry.


  • Muhammad Ashraf

    Better to keep the phone off with full battery drain

    • Shahid Saleem

      First seen in China, the malware spreads through Chinese app stores with around 10,000 devices infected so far.

      • Muhammad Ashraf

        there is no geographical boundaries in cyber space, it takes few seconds to spread the virus over internet to whole world. Its serious issue

        • Shahid Saleem

          Um, no. Malware does not always travel automatically. Unless you know how this malware propogates, don’t spread misinformation.

  • Ahmad

    just one sentence to describe the situation

    “Bhans ki ankh” :P

    • Scared Sam

      ..aur hacker ki bhi.

  • Hamza Mustafa

    mujhy note 4 lena chahye ya nhi koi bta sakta hai ? is malware ky bd to mujhy dr lg rha hai sara data hack to ni hojae ga
    ?????

    • Amir

      App skoon se khreed len unless koi new malware na aae. Is malware ko 2 chizen chahiey, ek android ka version 5.0 se kam aur doosra phone ka root hona. So aap phone le len aur root na karen. Aur shyd kch dino me apk Note 4 pe Android 5.0 b aa jae.

      • Hamza Mustafa

        to android lollipop 5.0 ki update kb available ho gi?

    • Fake Persona

      Lagta hay aapnay blog parha he nahi or direct comment karnay aagaey?
      1) Note4 soon Lollipop per update hojaega
      2) Only rooted device will get affected by this malware
      3) Install apps only from official Google playstore, Samsung store or Amazon store. Don’t download/install from unofficial 3rd party stores.

      • Hamza Mustafa

        thnk u bhai bus time bachany ky chakar main post nhi prhi thi

        • Kashif

          Hamza Bhai, wese apki esi konsi secure information hogi note4 k andar jo aap itna darr rahay hain???

          • Hamza Mustafa

            haha ni ni bhai bs photos e hain or to kuch bhi nhi but is ka mlb iphone ka IOS phir zayda best hai ya android lollipop ?

            • Fake Persona

              Just google
              “apple ios vulnerabilities” and “apple celebrity hack” and you will know how secure it is…

              • Hamza Mustafa

                hmmm ok thnk u its mean android is best than ios

                • Fake Persona

                  No, what i meant to say is that anything connected to internet can be compromised to invade user’s privacy…

    • Anas Saleem

      lol, what would u do with a note 4? buy yourself a lumia or something like asha, u have no idea what a smart phone is clearly
      secondly the writer failed to mention that a malware no matter how notorious can be tamed all you would need is a little time and some basic knowledge of what should be in your phone and what shouldnt be, you can easily locate an application that is trying to act rogue and then uninstall, disable or even rip it to pieces

      • Jabbar Haider

        Judging by your tone and the way you are hurling accusations and calling names, it seems you are the one who needs to be TAMED.
        Atleast follow some etiquette when engaging in conversations on the internet or elsewhere.

  • Atif Khan

    Pakistaneo kay paas itni important data nahee kay chori hojaye. Those are for developed countries./

    • Harry

      Pakistani People Have Only Porn In Their Smartphone :-P

    • Hamza Mustafa

      oho thnk u i was otally shocked nd scared by this post ….thanks to u

    • “LAME”

      Rethink buddy! If pakistanis didnt have valuable assets, the recent standard chartered bank hack wouldn’t have taken place! Plus the growth of IT industry has led to many a business entrepreneurs within Pakistan Alhamdulillah :-P
      EXAMPLES LIKHNA START KAR DU TO IS ARTICLE SE ZADA WORD COUNT WALA YE COMMENT HO JAEGA MERA :-D

      • Arsalan Shah

        Nothing to do with Standard Chartered Bank. That is a completely different ball game which has nothing to do with ethnicity i.e Pakistani. It was purely about money.

        Rest, Pakistani’s actually don’t have much to lose, as 95% of Pakistani’s don’t link their Credit/Debit Card with Google Play, not they use it to do anything else. Heck, most Paki’s don’t even store their personal/family photos on their mobile … For whatever reasons. Most Paki Smartphone users still Save Numbers on their SIM, rather than iCloud/G Storage or Phone…

        • Asalam Alekum Arsalan;
          I was referring the example towards USER DATA. Please make yourself proud instead of deeming yourself invaluable! Each and every move we make, call we take, text we send, or even the facebook update we pretend is in jeopardy here! Do you know some years back, Mitsubishi electric paid KESC data centers around 1.5 crores for user data; so that they could survey their ROI in our country – TAAKAY PATA CHALE KE UNKE AC KITNE LOG KHARID LEGE :-P AB BHI SAMAJH NI AYA TO APKO DOUBLE SALAM HA ;-)

          • Arsalan Shah

            Ok Buddy. Knowing which Pakistani’s talk to their girlfriends all night long is really profitable, as they can sell them condoms.. All the best. User Data is valuable in first world countries where there’s money. In Pakistan where over 60% people live in poverty, and the top 30% middle class are EXTREMELY ”kanjoos”, there’s no point for what you’re saying. No one can know anything valuable using a mobile phone – For Pakistan.

            • Anas Saleem

              lol, u r an absolute idiot….. Why do you see adverts? Companies spend billions on marketing even established brands like pepsi and coke.
              I suggest you stop using google porn searches and ask it how the world really works and what consumer data is worth
              google freemium and im sure you would get to learn something and please dont add porn after it

              • Arsalan Shah

                Please don’t be so obsessed with p()rn. Not everyone is into it so enthusiastically like yourself. :) There were other decent examples that you could’ve given, but your tremendous admiration for p()rn tells everyone what you know, and what the reality is.

                • Anas Saleem

                  even though im obsessed with porn, i still understand how the world works and how one can use google to LEARN stuff

    • Anas Saleem

      its actually not about what can be stolen, a malware can do a lot more, from seeding to simple things like taking over the adverts you see
      say for example you downloaded a free apps and that apps has ads in it, the malware can then change those ads to its own ads which means that the revenue which was supposed to be generated by the ap maker will be generated by the malware…… The malware can also use your device for pishing and ddos attack
      and regarding data dude every individual is worth something on the internet, i dont know what you are worth on propakistani but on insta your gross value is around 13-40 dollars lol

  • Shan Ali Khan

    buhahaha android users :D windows phone and iphone best

    • Muhammad Ashraf

      Edward snowden former NSA admitted that he never used iphone reason is it has a software which can be turned on remotely unwantedly and conduct surveillance of its user

    • Fake Persona
    • panjgoori

      You are happy that iPhone and WP are secure ? Hahahahhahaha. Only BlackBerry 10 is secure. Im using S4 with KitKat and rooted and i don’t really care.

    • Ghulam.e.Ahmed

      nothing is secure when you are connected to internet… whatever you are using for security, spying threats are for all of us in the world, no matter where we are, who we are.

  • Inam

    Root that android to Cyanongen and you are good to go!

    • Kashif

      CM is best in unofficial releases, but if you read carefully the malware is effected only on rooted devices (no matter device has unofficial or official android but only the root access)

      • Inam

        In CM you can block/monitor/control root access for each application in a few clicks. That’s why its great. I also love their ‘Privacy Guard’ features as well. No app can access my personal data from my phone now! ;)

  • Mirza Moazzam Baig

    Switched to WP OS already …. I’m loving it …..simply no regrets ….

  • Dr. Aamir Liaquat Hussain

    it spreads through some apps on xda by cheeni meeni developers. I had on my rooted htc but then I unroot but problem is your battery will no longer lasts even after removal. it kills battery life

    • anas qamar

      The reason the battery life is not normal is because your phone still has not actually turned off…

    • Anas Saleem

      aqal ke dushman, check the process stats…. battery drain ka reason samjh ajayega

  • aasim

    this can be a company strategy that people buy new phones which has loli pop ….

    • I was thinking this as AVG strategy to make people download their antivirus.. .

  • Sense knocker

    The amount of logic and sanity in the comments section of this post is TOO DAMN HIGH!!!