QUICK LINKS

Feature Article

February 25, 2015

Android Malware Hijacks the Phone When It's 'Off'

Taking a page from Hollywood blockbusters, a newly discovered malware hijacks Android mobile phones when owners believe they have switched them off—allowing a phone to be tracked, or used to take pictures, send surreptitious messages, or record and make calls.

The security team at AVG mobile first uncovered the malware, which it has dubbed Android/PowerOffHijack. Essentially, it hijacks the shutdown process and the device remains functional even though it appears to be off. After pressing the power button, the phone displays an authentic shutdown animation, and the phone appears off, with a black screen—only, it isn’t.

First seen in China, the malware has spread through Chinese app stores, with around 10,000 devices infected so far, AVG noted.

The malware affects versions of Android older than V.5 (Lollipop) and requires root permission to hijack the shut-down process.

This is the latest Android bug—and sadly, won’t be the last. While Google actively polices the Google Play Store to weed out malicious apps, the OS remains an attractive target for hackers thanks to the sheer numbers of apps for the platform. And, third-party app stores often have no such

And, there are rampant vulnerabilities to be concerned about. Earlier this week, McAfee noted that more than 70 percent of the 25 most-downloaded mobile apps that were found to be vulnerable to Man in the Middle attacks last year, still not been fixed.

The Intel Security vendor’s McAfee Labs Threats Report for February 2015 found that a whopping 20,000 Android apps failed to validate SSL certificates via HTTPS properly, thus exposing them to MITM attacks.

In testing, McAfee researchers were able to execute proof of concept attacks that stole log-ins for third party services like social network accounts and Microsoft OneDrive, as well as “credentials that belong to their own systems and services.”

Any issue like this has the potential to affect a huge user base. For example, the most popular insecure app analyzed by McAfee has been downloaded 100-500 million times.

Edited by Maurice Nagle

>>> More MobilityTechzone Articles...

FOLLOW MobilityTechzone

Apps on Tap

Personal Coaching App Mobilizes Personal Growth

The Best Travel Apps Just in Time for the Holidays

View all »

Mobile Devices

Does Less Shopping Mean Less Phone Value?

BLU Products Releases Its First 4G LTE Smartphone

View all »

Blogs

	ConnectLeader
	ConnectLeader
	XKL at TEX 2016
	Richard McFarland of Voice4Net at Real Time Web Solutions 2016
	Bent Rye of Temasys at Real Time Web Solutions 2016

QUICK LINKS

Feature Article

Android Malware Hijacks the Phone When It's 'Off'

Featured Story

Apps on Tap

Personal Coaching App Mobilizes Personal Growth

The Best Travel Apps Just in Time for the Holidays

Mobile Devices

Does Less Shopping Mean Less Phone Value?

BLU Products Releases Its First 4G LTE Smartphone

MobilityTechzone Headlines

The Rise of SASE-Based Offerings

Smart Boards & Tablets: How It Is Transforming Education

The 5 Pillars of Data Observability

How Working from Home Can Work for You

Will CBRS Change Everything? Those Who Envision Decentralized Private Enterprise Networks Think So

What type of delivery apps are most popular in the world?

Subscribe to MobilityTechzone eNews

MobilityTechzone Whitepapers

Exploring CX strategy and technology adoption: A decision-maker's chart

Transforming Customer Experience

RingCentral RingCX overview

RingCentral RingCX Interactive Voice Response

RingCentral RingCX Analytics

Are you up to speed on the latest in mobile technology?

Subscribe to MobilityTechzone eNews MobilityTechzone eNews delivers the latest news impacting technology in the Wireless industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter