Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Android Trojan Fakes Device Shut Down, Spies On Users

Posted by timothy on from the let's-listen-in dept.

An anonymous reader writes A new Android Trojan that tricks users into believing they have shut their device down while it continues working, and is able to silently make calls, send messages, take photos and perform many other tasks, has been discovered and analyzed by AVG researchers. They dubbed it, and AVG's security solutions detect it as PowerOffHijack.

10 of 118 comments (clear)

  1. not-a-bug; wont-fix by sbrown7792 · · Score: 4, Funny

    Issue closed by NSA

    1. Re:not-a-bug; wont-fix by ShanghaiBill · · Score: 3, Insightful

      This sounds much more like something the Chinese government would do

      It sounds more like something an anti-virus company like AVG would make up to get publicity and boost sales. If this was something real, they should name the app (they don't) and/or describe a plausible mechanism. An Android app can detect a hard power down (so that it can save data or whatever) but it cannot stop or delay it. So the only way it could work is to trick the user into releasing the power button too early.

  2. This is why..... by TheCarp · · Score: 5, Insightful

    If you really need privacy, you pull the phone battery....and if you might need privacy, you don't buy a phone that can't have its battery pulled.

    Not really any solutions, as long as people are walking around with what amount to wireless microphones in their pockets this will always be a potetial problem.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:This is why..... by Iamthecheese · · Score: 5, Insightful

      Requiring an action as inconvenient as partially dismantling the device in order to not experience undesired operation is a piss-poor design.

      --
      If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    2. Re:This is why..... by GrumpySteen · · Score: 4, Funny

      They could have an untrustworthy mobile hidden in an orifice. Best don the latex and do a thorough cavity search!

    3. Re:This is why..... by markdavis · · Score: 3, Insightful

      I think you hit on the solution: A hard power switch.

      And better yet, also add: A hard microphone switch and a physical shutter for the cameras. I wouldn't mind having a hard radio switch and/or GPS switch too.

      No software can work around that when you need real privacy.

  3. WTF? by gstoddart · · Score: 3, Funny

    Why is it so damned easy for malware to get root access, and so damned annoying for me to get it?

    And, quite honestly, by how annoying and intrusive AVG was becoming when I got away from it ... do we have another source which confirms this?

    I'm just not sure I trust them to be quite honest.

    --
    Lost at C:>. Found at C.
    1. Re:WTF? by AmiMoJo · · Score: 4, Informative

      There is nothing to see here. The malware doesn't get root. It's just a normal app that simulates shutdown, like those lame joke apps we used to write back in the day that mimic the DOS format command output or Netware login screen. The user has to be simultaneously knowledgeable enough to enable app installation from sources other than Play and extremely dumb to install an app requiring so many permissions and from a dubious source.

      The malware doesn't do anything a normal app can't. No exploits, it just makes the screen completely black and starts sending text messages (which the user gave it permission to do), while hoping you don't press the home key and discover the ruse.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Re:Don't be silly by blackest_k · · Score: 4, Insightful

    I think its fair to say that it takes a user to install it first, linux has pretty much always had trustworthy repositories, Google not so much.

    I love some of the things you can add to chrome but there seems to be little to no security checking of what an app or extension does. That does worry me.

    --
    Blarney Quality Restaurant, Plants
  5. Re:Fuck off. by Anonymous Coward · · Score: 3, Insightful

    yes actually, but the NSA has been caught doing the last few times in a row, its not ignorant ot make that assumption.

    With a track history like the NSAs, it's not even an assumption. It's more like a statistical certainty.