Truth Frequency Radio
Feb 20, 2015

  • i.ytimg.com_2015-02-20_14-40-09The malware is installed when the user downloads infected Android apps 
  • When the power button is pressed it makes the phone appear to shut down
  • Malware shows a ‘Power Off’ message and even a shutdown animation
  • It can then take control of the phone to make calls and send messages
  • App works in the background, so will not be immediately noticeable 
  • Running an antivirus app will spot and remove the malware
  • Experts have not revealed which apps the malware is on but said it affects phones and tablets running older versions of Android – before KitKat

Many people turn their phone off overnight or when charging, but a new malware could be taking advantage of this power-saving technique.

Security researchers have spotted a virus that kicks in when the power button on Android phones and tablets is pressed.

It makes the phone appear to be switched off but instead the malware is running in the background making calls, sending messages and accessing other files and apps.

rsz_25dcf42500000578-0-the_malware_is_installed_when_the_user_downloads_infected_apps_w-a-4_1424430108166

The malware is installed when the user downloads infected apps. When the power button is pressed, the malware shows a fake dialogue pop-up designed to look like the Android Power off menu (pictured). The phone then appears to shut down and the malware can make calls, send messages and access other files

In theory, once installed and enabled, the app has control of the phone and can perform any task the hacker wants it to.

A blog post from the Amsterdam-based antivirus firm explained that the malware is installed when the user downloads an infected app from an app store.

AVG hasn’t revealed which apps are carrying the malware and MailOnline has contacted the firm for more information.

It’s likely the apps are installed from third-party app stores rather than Google Play, due to Google’s strict policy on malware.

www.dailymail.co.uk_2015-02-20_14-38-16However, the Play Store has featured infected apps in the past, so users are advised to download all apps with caution, and to check reviews and developer details if they are unsure.

‘This malware hijacks the shutting down process of your mobile, so when the user turns the power off button to shut down their mobile, it doesn’t really shut down,’ said the researchers.

‘After pressing the power button, you will see the real shutdown animation, and the phone appears off. Although the screen is black, it is still on.

‘While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user.’

The malware does this by hijacking a line of code in the shutting down process and asking for root permission.

This gives the hacker permission to access and modify any files, apps and software on the device.

Once permission is granted, the malware shows a fake dialogue pop-up when the power button is pressed.

The malware works by hijacking a line of code in the shutting down process and asking for root permission. This gives the hacker permission to access and modify any files (pictured), apps and software on the device. But, running a scan using an antivirus app will detect and remove the files

The malware works by hijacking a line of code in the shutting down process and asking for root permission. This gives the hacker permission to access and modify any files (pictured), apps and software on the device. But, running a scan using an antivirus app will detect and remove the files

This is designed to look like the standard Android menu and when the ‘Power off’ option is selected, the fake animation is shown and the screen goes black.

It will continue to make calls and send messages until the phone is switched on and AVG said the the only way to know a phone is actually turned off is to remove the battery.

The app runs in the background, so isn’t immediately noticeable and won’t appear as a rogue app or icon on the homescreen.

But, running a scan using an antivirus app will detect and remove the files.

The outbreak is said to have originated in China and appears to only affect phones running older versions of Android – before Android KitKat.

MORE NEWS IN NEWS >>