Android malware fakes phone shutdown to steal data

android
Credit: shutterstock

Next time you turn off your Android phone, you might want take the battery out just to be certain.

Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.

When someone presses the power button on a device, a fake dialog box is shown. The malware then mimics the shutdown animation and appears to be off, AVG's mobile malware research team said in a blog post.

"Although the screen is black, it is still on," they said. "While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user."

The malware requires an Android device to be "rooted," or modified to allow deep access to its software. That may eliminate a lot of Android owners who don't modify their phones.

But some vendors of Android phones ship their devices with that level of access, potentially making it easier for the malware to get onto a device.

This malware is unlikely to show up in Google's Play Store, since Google tries to block applications that have malicious functions. But it could be a candidate for one of the many third-party app stores with looser restrictions.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.