New Android Malware Spies On You Even When Phone Is Off

If you thought you could keep malware at bay by switching off your smartphone, you better give reconsider that.

If the latest report by AVG is to be believed, a new sort of virus ‘Android/PowerOffHijack’ has surfaced that preys on Android gadgets even when they have been switched off. Infact, it may seem that you have switched them off but that is not entirely true.

It is important to note that for the malware to affect your device, it depends on two factors. Firstly, the Android device has to run any Android variant earlier than Android 5.0 Lollipop. As you might be aware, that accounts for a majority of Android devices out there. However, the other pre-requisite is for the device to be rooted that is not as common across Android devices despite it being a popular choice.

The malware hijacks powering off process, making it look like phone is off but only turning off display

As for the way this malware works, it takes over the shutdown operation of the device only to fool the user into thinking that the device has powered off once it’s shut down. In essence, it’s only allowing the user to turn off the display at that point. It handles the rest quite cleverly by letting the phone receive calls and messages but without letting the owner of the device be alerted. It can even make calls, send messages and take photos in the meanwhile.

If you are interested in knowing the detailed technicalities as to how the malware is triggered with the power button, you may read up AVG’s version here. Until we have a proper fix for this, you might want to consider taking out the battery to really make sure your device is switched off. Afterall, it’s always better to be safe than sorry.

    • First seen in China, the malware spreads through Chinese app stores with around 10,000 devices infected so far.

      • there is no geographical boundaries in cyber space, it takes few seconds to spread the virus over internet to whole world. Its serious issue

        • Um, no. Malware does not always travel automatically. Unless you know how this malware propogates, don’t spread misinformation.

  • mujhy note 4 lena chahye ya nhi koi bta sakta hai ? is malware ky bd to mujhy dr lg rha hai sara data hack to ni hojae ga

    • App skoon se khreed len unless koi new malware na aae. Is malware ko 2 chizen chahiey, ek android ka version 5.0 se kam aur doosra phone ka root hona. So aap phone le len aur root na karen. Aur shyd kch dino me apk Note 4 pe Android 5.0 b aa jae.

    • Lagta hay aapnay blog parha he nahi or direct comment karnay aagaey?
      1) Note4 soon Lollipop per update hojaega
      2) Only rooted device will get affected by this malware
      3) Install apps only from official Google playstore, Samsung store or Amazon store. Don’t download/install from unofficial 3rd party stores.

    • lol, what would u do with a note 4? buy yourself a lumia or something like asha, u have no idea what a smart phone is clearly
      secondly the writer failed to mention that a malware no matter how notorious can be tamed all you would need is a little time and some basic knowledge of what should be in your phone and what shouldnt be, you can easily locate an application that is trying to act rogue and then uninstall, disable or even rip it to pieces

      • Judging by your tone and the way you are hurling accusations and calling names, it seems you are the one who needs to be TAMED.
        Atleast follow some etiquette when engaging in conversations on the internet or elsewhere.

    • “LAME”

      Rethink buddy! If pakistanis didnt have valuable assets, the recent standard chartered bank hack wouldn’t have taken place! Plus the growth of IT industry has led to many a business entrepreneurs within Pakistan Alhamdulillah :-P

      • Nothing to do with Standard Chartered Bank. That is a completely different ball game which has nothing to do with ethnicity i.e Pakistani. It was purely about money.

        Rest, Pakistani’s actually don’t have much to lose, as 95% of Pakistani’s don’t link their Credit/Debit Card with Google Play, not they use it to do anything else. Heck, most Paki’s don’t even store their personal/family photos on their mobile … For whatever reasons. Most Paki Smartphone users still Save Numbers on their SIM, rather than iCloud/G Storage or Phone…

        • Asalam Alekum Arsalan;
          I was referring the example towards USER DATA. Please make yourself proud instead of deeming yourself invaluable! Each and every move we make, call we take, text we send, or even the facebook update we pretend is in jeopardy here! Do you know some years back, Mitsubishi electric paid KESC data centers around 1.5 crores for user data; so that they could survey their ROI in our country – TAAKAY PATA CHALE KE UNKE AC KITNE LOG KHARID LEGE :-P AB BHI SAMAJH NI AYA TO APKO DOUBLE SALAM HA ;-)

          • Ok Buddy. Knowing which Pakistani’s talk to their girlfriends all night long is really profitable, as they can sell them condoms.. All the best. User Data is valuable in first world countries where there’s money. In Pakistan where over 60% people live in poverty, and the top 30% middle class are EXTREMELY ”kanjoos”, there’s no point for what you’re saying. No one can know anything valuable using a mobile phone – For Pakistan.

            • lol, u r an absolute idiot….. Why do you see adverts? Companies spend billions on marketing even established brands like pepsi and coke.
              I suggest you stop using google porn searches and ask it how the world really works and what consumer data is worth
              google freemium and im sure you would get to learn something and please dont add porn after it

              • Please don’t be so obsessed with p()rn. Not everyone is into it so enthusiastically like yourself. :) There were other decent examples that you could’ve given, but your tremendous admiration for p()rn tells everyone what you know, and what the reality is.

                • even though im obsessed with porn, i still understand how the world works and how one can use google to LEARN stuff

    • its actually not about what can be stolen, a malware can do a lot more, from seeding to simple things like taking over the adverts you see
      say for example you downloaded a free apps and that apps has ads in it, the malware can then change those ads to its own ads which means that the revenue which was supposed to be generated by the ap maker will be generated by the malware…… The malware can also use your device for pishing and ddos attack
      and regarding data dude every individual is worth something on the internet, i dont know what you are worth on propakistani but on insta your gross value is around 13-40 dollars lol

    • CM is best in unofficial releases, but if you read carefully the malware is effected only on rooted devices (no matter device has unofficial or official android but only the root access)

      • In CM you can block/monitor/control root access for each application in a few clicks. That’s why its great. I also love their ‘Privacy Guard’ features as well. No app can access my personal data from my phone now! ;)

  • it spreads through some apps on xda by cheeni meeni developers. I had on my rooted htc but then I unroot but problem is your battery will no longer lasts even after removal. it kills battery life

  • Ltd feature videos

    Watch more at LTD