A sinister new bug hitting Android devices is capable of making calls, sending messages, and taking pictures, all while the phone appears to be off. According to Digital forensics company Rick Crouch & Associates, the malware—called PowerOffHijack—presents a fake dialogue box that prompts the user to shut down when the power button is pressed.
The bug then takes over over the phone’s shutdown process, mimicking the standard procedure and animation to make it appear as though the phone has been turned off.
In reality, the device remains on even though the screen goes black.
While the phone is in this state of perceived stasis, the malware can go to work. PowerOffHijack can access sensitive information and exploit the phone's basic functions, making calls, accessing the camera, and sending text messages.
AVG first discovered PowerOffHijack in China. The firm reports that the malware has infected upwards of 10,000 devices worldwide. Other than the fact that it targets Android devices running 5.0 Lollipop, the latest major version of Google's mobile OS, details about the bug are scarce.
AVG was also able to determine that the malware required root permissions to run, meaning that normal mobile web-browsing behavior is unlikely to open the door for it. The Google Play Store regularly weeds out malicious content, so it is unlikely that an approved app is PowerOffHijack's attack vector.
Rick Crouch & Associates