Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Android Trojan Fakes Device Shut Down, Spies On Users

Posted by timothy on from the let's-listen-in dept.

An anonymous reader writes A new Android Trojan that tricks users into believing they have shut their device down while it continues working, and is able to silently make calls, send messages, take photos and perform many other tasks, has been discovered and analyzed by AVG researchers. They dubbed it, and AVG's security solutions detect it as PowerOffHijack.

6 of 118 comments (clear)

  1. This is why..... by TheCarp · · Score: 5, Insightful

    If you really need privacy, you pull the phone battery....and if you might need privacy, you don't buy a phone that can't have its battery pulled.

    Not really any solutions, as long as people are walking around with what amount to wireless microphones in their pockets this will always be a potetial problem.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:This is why..... by Iamthecheese · · Score: 5, Insightful

      Requiring an action as inconvenient as partially dismantling the device in order to not experience undesired operation is a piss-poor design.

      --
      If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    2. Re:This is why..... by markdavis · · Score: 3, Insightful

      I think you hit on the solution: A hard power switch.

      And better yet, also add: A hard microphone switch and a physical shutter for the cameras. I wouldn't mind having a hard radio switch and/or GPS switch too.

      No software can work around that when you need real privacy.

  2. Re:Don't be silly by blackest_k · · Score: 4, Insightful

    I think its fair to say that it takes a user to install it first, linux has pretty much always had trustworthy repositories, Google not so much.

    I love some of the things you can add to chrome but there seems to be little to no security checking of what an app or extension does. That does worry me.

    --
    Blarney Quality Restaurant, Plants
  3. Re:Fuck off. by Anonymous Coward · · Score: 3, Insightful

    yes actually, but the NSA has been caught doing the last few times in a row, its not ignorant ot make that assumption.

    With a track history like the NSAs, it's not even an assumption. It's more like a statistical certainty.

  4. Re:not-a-bug; wont-fix by ShanghaiBill · · Score: 3, Insightful

    This sounds much more like something the Chinese government would do

    It sounds more like something an anti-virus company like AVG would make up to get publicity and boost sales. If this was something real, they should name the app (they don't) and/or describe a plausible mechanism. An Android app can detect a hard power down (so that it can save data or whatever) but it cannot stop or delay it. So the only way it could work is to trick the user into releasing the power button too early.