Next time you turn off your Android phone, you might want take the battery out just to be certain.
Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.
When someone presses the power button on a device, a fake dialog box is shown. The malware then mimics the shutdown animation and appears to be off, AVG’s mobile malware research team said in a blog post.
“Although the screen is black, it is still on,” they said. “While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user.”
The malware requires an Android device to be “rooted,” or modified to allow deep access to its software. That may eliminate a lot of Android owners who don’t modify their phones.
But some vendors of Android phones ship their devices with that level of access, potentially making it easier for the malware to get onto a device.
This malware is unlikely to show up in Google’s Play Store, since Google tries to block applications that have malicious functions. But it could be a candidate for one of the many third-party app stores with looser restrictions.
Next read this:
- Top 9 challenges IT leaders will face in 2020
- Top 5 strategic priorities for CIOs in 2020
- 7 'crackpot' technologies that might transform IT
- 8 technologies that will disrupt business in 2020
- 7 questions CIOs should ask before taking a new job
- 7 ways to position IT for success in 2020
- The 9 new rules of IT leadership
- 20 ways to kill your IT career (without knowing it)
- IT manager’s survival guide: 11 ways to thrive in the years ahead
- CIO resumes: 6 best practices and 4 strong examples
- 4 KPIs IT should ditch (and what to measure instead)