As mobile consumers, we’re always wary of malicious intrusion, and as time progresses, those behind these hacks and exploits are getting even more cunning with their methods. Case in point, a new strain of Android malware that essentially spoofs a device’s shut-down process, meaning that while you may think your tablet or handset has been switched off, the intruder is working overtime to make calls, take photos, and generally pry into your sensitive data.
Malware is never a good thing, but sometimes, one has to appreciate the astute nature of a hack, and this one is certainly among the most tenacious we’ve ever seen. It hijacks the shut-down process, so while it may appear as though your device is being powered down, the malware – identified by security firm AVG as “Android/PowerOffHijack.A” – is actually keeping things very much alive, obscured by the veil of a blank screen.
Once it has infiltrated and ‘shut down’ your device, it can snoop on your messages, beaming them off to third parties, and record calls. Worryingly, it can also take photos, which, at a time when the leaking of private snaps is a matter of much debate, is more than a little disconcerting.
AVG confirmed that at least 10,000 devices have been thus far affected by Android/PowerOffHijack.A, although as is often the case with Android malware outbreaks, it has been distributed through an unofficial, presumably unmanned app store used by Chinese consumers.
Android’s open-source nature leaves it more susceptible to malware than, say, Windows Phone or iOS, but it must be noted that by and large, outbreaks of this nature tend only to afflict those who make it nice and easy for ill-intended individuals. If you don’t want to entice intrusion, make sure that the famed ‘Unknown Sources’ feature within your security settings is disabled, and additionally, sticking to the official Google Play Store as a sole source of your apps and games is also heavily advised.
After all, Google does have a system in place to weed out the potential nasties, and while there’s no guaranteed way to avoid malware, swerving those unofficial portals is definitely going to reduce your chances of being hacked.
What’s your take on the matter? Share your thoughts with us in the comments section below.