A new type of malicious Android software is out in the wild, and its operation is a little unusual and tricky.
Named PowerOffHijack, the malware can trick users into thinking that their devices are already turned off, but in reality, they remain active and likely spying on their users as well. According to a report from AVG, the malware was first seen in China and spreads through Chinese app stores. The malware has reportedly infected about 10,000 devices.
The malware can reportedly infect devices that run an Android version older than 5.0 (Lollipop), taking over when a user hits the power button. If the device is prompted to be turned off, the malware displays an authentic shutdown animation, and the phone will dim, indicating that device has indeed shut down. However, it is not known to the user that the device is still up and running. At this state, the malware can make outgoing calls, take pictures and do other similar tasks that can infiltrate a user's personal data.
Regarding how it can spread to other devices, it has been reported that the malware can only spread through rooted devices. This means that users sporting stock Android devices are safe from harm.
However, if a user rooted his or her device and is worried of the possibility of infection, AVG has stated that their antivirus software will detect it. The company has also suggested to users to pull out their devices' batteries, just to make sure they're fully turned off.
This is apparently not the first time that we have reported about Android malware. Back in 2011, a malicious Android app was discovered that records phone conversations. Also, in the same year, an Android malware was cleverly disguised as a Google+ app. In line with all this, Google admitted last year that over 5 million Android users are indeed plagued with malware.
Source: AVG Now