A particularly nasty piece of Android malware has been discovered by security experts AVG. It’s being called PowerOffHijack, and it’s capable of fooling you into thinking a phone is turned off, but instead it remains covertly active – and potentially spying on your every move.
How does it work? According to AVG’s research, the malware takes over when you hit the power on/off key, and while it’ll still present the usual options and shutdown animation, the phone will stay on. Behind a black screen, the malware could enable the device to make calls, send out messages, or even access the camera app. All without your knowledge or permission.
While AVG goes into considerable, and very techy, detail about how the malware does all these things, but what we care about is the likelihood of PowerOffHijack being found on our own phones.
Speaking to VentureBeat, AVG said the malware is affecting Android versions up to 5.0 Lollipop, and around 10,000 installations have been tracked so far, with the majority coming from China. It’s apparently being spread through apps downloaded from stores other than Google Play, which isn’t accessible in China.
However, here’s some good news. The malware only affects phones that have been rooted, so anyone with a stock Android device running standard software – yes, that includes Google’s hardware like the Nexus 6 – is quite safe from the threat. If you’re not sure if your phone is rooted, then there is a very high chance it’s not, due to the complicated process needed to gain root access.
If you have rooted your phone, and are concerned it has picked PowerOffHijack up, then AVG says its own anti-virus software will detect it. Alternatively, it states the best way to ensure your phone is switched off is to remove the battery – which is all very well unless you own a phone where the battery’s fixed in place.
