TR Member Perks!

A new piece of malware is spreading through Chinese app stores, reports AVG, and has already infected tens of thousands of Android devices. This malware, called the PowerOffHijack, can perform many actions, such as making phone calls and taking photos, without the user knowing it. Even more unsettling is that the malware appears to operate after user has turned off their phone.

The truth or more complicated than that. What the malware actually does is that it prevents the phone from actually shutting off when a user presses the power button, but it displays an authentic looking shutdown animation and then turns off the screen to make it appear that the phone is shut down. In actuality the phone is still on, and while the phone is in this state the PowerOffHijack is running. The malware then proceeds to steal your data or whatever else it wants to do, until the user turns the phone back on.

So far the malware has only appeared in third-party app stores in China, no one has gotten this malware from Google Play. According to AVG it only affects Android versions older than 5.0. It should also be noted that the malware requires root permissions in order to hijack the shutdown function. Which means if your phone is not rooted, then there is no way for this to be a threat. Even if your phone is rooted, the app must still explicitly request root permissions from the user, which the user can deny.

It seems this malware is really only a threat to the careless. If you have rooted your phone you really shouldn’t be giving root permissions to any random app that asks for it. AVG offers security software which can detect if your phone is infected with the PowerOffHijack malware which should be of use to the people who actually managed to get infected with this malware.

Are you worried about this PowerOffHijack malware? Leave your comments below.


Max Michael

Senior Writer

I’m a technology reporter located near the Innovation District of Kitchener-Waterloo, Ontario.