Article Lead Image

New Android malware called ‘PowerOffHijack’ can secretly commandeer your phone

Just another reason to run an anti-virus app on your phone.


AJ Dellinger


Posted on Feb 20, 2015   Updated on May 29, 2021, 12:02 pm CDT

A sinister new sinister bug hitting Android devices is capable of making calls, sending messages, and taking pictures, all while the phone appears to be off.

According to a report from the security research firm (and anti-malware software publisher) AVG, the malware—called PowerOffHijack—presents a fake dialogue box that prompts the user to shut down when the power button is pressed. The bug then takes over over the phone’s shutdown process, mimicking the standard procedure and animation to make it appear as though the phone has been turned off.

In reality, the device remains on even though the screen goes black.

While the phone is in this state of perceived stasis, the malware can go to work. PowerOffHijack can access sensitive information and exploit the phone’s basic functions, making calls, accessing the camera, and sending text messages.

AVG first discovered PowerOffHijack in China. The firm reports that the malware has infected upwards of 10,000 devices worldwide. Other than the fact that it targets Android devices running 5.0 Lollipop, the latest major version of Google’s mobile OS, details about the bug are scarce.

AVG was also able to determine that the malware required root permissions to run, meaning that normal mobile web-browsing behavior is unlikely to open the door for it. The Google Play Store regularly weeds out malicious content, so it is unlikely that an approved app is PowerOffHijack’s attack vector.

For those still concerned that their device may be affected or at risk, AVG’s anti-virus app promises to detect the threat. Still, as an additional precaution, the company suggests removing the battery from your phone upon shutdown.

H/T PCWorld | Photo via greyweed/Flickr (CC BY 2.0)

Share this article
*First Published: Feb 20, 2015, 12:31 pm CST