AVG: Latest Android 5.0 Lollipop Malware 'PowerOffHijack' Can Spy on Users Even If Smartphone Is Turned Off

By Isaiah Narciso
Shutdown Android Devices
A flaw in Android can allow hackers to break in and take control of your smartphone.

Security research firm AVG has warned users of smartphones containing Android software that a new form of malware can track them, even if the devices are turned off.

According to a blog post from AVG, its security team discovered a new type of Android malware that can hijack phones even if they are turned off. The malware was first detected in China and has infected around 10,000 devices there so far.

"The malware hijacks the shutdown process and the device remains functional even though it appears to be off," AVG wrote. "The malware affects versions of Android older than v.5 (Lollipop) and requires root permission to hijack the shutdown process."

AVG explained how the malware worked.

"After pressing the power button, the phone displays an authentic shutdown animation, and the phone appears off," AVG wrote. "Although the screen is black, it is still on."

Although users may think their phones are off in this state, AVG reported that "the malware can make outgoing calls, take pictures and perform many other tasks" without notifying them.

Emil Protralinski of VentureBeat termed the new malware threat as "PowerOffHijack." He reported that the Android malware asks for "root permission" first before infecting the device with the system_server process and hooking with mWindowManagerFuncs object.

"The fact root permission is required, however, suggests this is not a threat you can pick up by simply browsing the web," Protralinski wrote.

AVG then explained in technical detail what mWindowManagerFuncs did to the Android-powered device, noting it was "an interface object."

"It will actually call the thread ShutDownThread's shutdown function," AVG wrote. "It will shut down radio service first and invoke the power manager service to turn the power off."

Protralinski noted that AVG failed to describe the details of the malware itself, despite the explanation of how the shutdown process worked.

"There is no explanation as to how the security firm discovered the threat and how it gets onto an Android device in the first place," Protralinski wrote.

VentureBeat suggested that the source of the malware may have originated from an outside "app store" tailored for Android devices.

"Most Android malware infects devices thanks to users installing shady apps from third-party app stores," Protralinski wrote. "Most threats are not found on Google Play, and most require side-loading (disabled by default on most Android devices)."

Protalinski had a simple suggestion for those concerned about the status of their Android devices potentially being infected with the malware.

"Just pay attention to the apps you install and your Android device should be just fine," Protalinski wrote.

  • North America Chinese Evangelical Seminary year-end report highlights significant ministry progress

    North America Chinese Evangelical Seminary year-end report highlights significant ministry progress

    As the year draws to a close, Rev. James Liu, President of the Chinese Evangelical Seminary North America (CESNA), reflected on the seminary’s remarkable growth and ministry development over the past year. Dedicated to providing theological education to Chinese Christians, CESNA continues to uphold its mission to remain faithful to the gospel and nurture believers. This year’s achievements span academic, ministerial, and outreach endeavors, fostering spiritual growth and advancing missionary wo

  • Woman pastor analyzes: How Chinese gender culture shapes female ministers’ roles in churches

    In traditional Chinese culture, deeply ingrained notions of gender roles, often expressed as "male strong, female weak," significantly influence the position of women in society and the church. This issue is particularly pertinent for female pastors navigating their roles in ministry. Rev. Dora Wang, Ph.D., from China Evangelical Seminary North America (CESNA), recently addressed this topic in a seminar, sharing her insights on the challenges women face in ministry and proposing strategies to su

  • 4th Christian art biennale in Hong Kong concluding with record reception

    The fourth Christian Art Biennale, titled “The Splendor of Beauty in His Land,” opened on December 22 at Tseung Kwan O Methodist Primary School in Hong Kong and will conclude tomorrow, January 1. The 10-day exhibition has drawn enthusiastic responses, surpassing previous years in attendance and impact.

  • 2024 report from Wycliffe Global Alliance shows status of Bible accessibility worldwide

    Wycliffe Global Alliance has published its 2024 Global Scripture Access Report, unveiling the latest status of Bible accessibility worldwide. The annual report is compiled using data from the Alliance’s partner organizations, including SIL International, the United Bible Societies, and others.

  • A Christian’s proper response to the sugar-coated bullet of influencer fame

    Today, I came across a thought-provoking story about a 2016 internet influencer from the U.S.. The case of Nicholas Perry raises a sobering question: Is it worth sacrificing oneself in the pursuit of views?

Top Stories