SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
20 Feb 2015

New Android Trojan spies on users

AVG researchers have discovered a new Android Trojan that tricks users into believing they have shut their device down while it continues working, and is able to silently make calls, send messages, take photos and perform many other tasks.

They dubbed it, and AVG's security solutions detect it as PowerOffHijack. PowerOffHijack has been discovered in China, where it has already infected over 10,000 devices. It is apparently being propagated via third-party online app stores, but the researchers haven't mentioned what apps it masquerades as.

The Trojan is capable of infecting Android versions below v5.0 (Lollipop). How does it work? "After pressing the power button, you will see the real shutdown animation, and the phone appears off. Although the screen is black, it is still on," the researchers explained. That's because the malware, after having previously obtained root access, is capable of injecting the system server process that hooks the mWindowManagerFuncs object, and ultimately prevents the mWindowManagerFuncs.shutdown function to do its job, which is to first shut down radio service and then invoke the power manager security service to turn the power off.

After keeping the power button pressed long enough to initiate the shut down procedure, the victims are presented with a fake pop-up that asks confirmation of the process, and see a fake shut down animation. The malware and the phone will continue working, but the screen will be black.

OUR POINT
A great amount of vulnerabilities were found in Android platform for the last time. The malicious program, included in the virus database under the name of Android.BankBot.34.origin, was capable of stealing personal information of owners of mobile devices, as well as to steal money from Bank accounts and the accounts of the mobile phones of their victims. A new Android Trojan that specializes in stealing banking information by intercepting SMS messages has been making the rounds. A couple of related vulnerabilities on the Google Play Store have left Android users vulnerable to malware-slingers. The number of trojans is growing, so they may imitate the behaviour of gadgets that you won’t be able to recognize whether they are safe or not. Be careful, when installing applications, if you doubt - yes or no - it is better not to risk!
Tags:
trojan Android surveillance
Source:
Help Net Security
2203
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015