Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Android Trojan Fakes Device Shut Down, Spies On Users

Posted by timothy on from the let's-listen-in dept.

An anonymous reader writes A new Android Trojan that tricks users into believing they have shut their device down while it continues working, and is able to silently make calls, send messages, take photos and perform many other tasks, has been discovered and analyzed by AVG researchers. They dubbed it, and AVG's security solutions detect it as PowerOffHijack.

6 of 118 comments (clear)

  1. not-a-bug; wont-fix by sbrown7792 · · Score: 4, Funny

    Issue closed by NSA

  2. This is why..... by TheCarp · · Score: 5, Insightful

    If you really need privacy, you pull the phone battery....and if you might need privacy, you don't buy a phone that can't have its battery pulled.

    Not really any solutions, as long as people are walking around with what amount to wireless microphones in their pockets this will always be a potetial problem.

    --
    "I opened my eyes, and everything went dark again"
    1. Re:This is why..... by Iamthecheese · · Score: 5, Insightful

      Requiring an action as inconvenient as partially dismantling the device in order to not experience undesired operation is a piss-poor design.

      --
      If video games influenced behavior the Pac Man generation would be eating pills and running away from their problems.
    2. Re:This is why..... by GrumpySteen · · Score: 4, Funny

      They could have an untrustworthy mobile hidden in an orifice. Best don the latex and do a thorough cavity search!

  3. Re:Don't be silly by blackest_k · · Score: 4, Insightful

    I think its fair to say that it takes a user to install it first, linux has pretty much always had trustworthy repositories, Google not so much.

    I love some of the things you can add to chrome but there seems to be little to no security checking of what an app or extension does. That does worry me.

    --
    Blarney Quality Restaurant, Plants
  4. Re:WTF? by AmiMoJo · · Score: 4, Informative

    There is nothing to see here. The malware doesn't get root. It's just a normal app that simulates shutdown, like those lame joke apps we used to write back in the day that mimic the DOS format command output or Netware login screen. The user has to be simultaneously knowledgeable enough to enable app installation from sources other than Play and extremely dumb to install an app requiring so many permissions and from a dubious source.

    The malware doesn't do anything a normal app can't. No exploits, it just makes the screen completely black and starts sending text messages (which the user gave it permission to do), while hoping you don't press the home key and discover the ruse.

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC