There are many security risks that could affect your phone when you are accessing the internet, most of all. And you’d think that once you have closed your device, there’s nothing else that could harm your phone. But it seems that the next time you turn off your Android phone, you might want take the battery out to be sure of that.
Security company AVG has discovered that a malicious program fakes the sequence a user sees when shutting down the device, thus allowing it to steal data as it pleases. ABG’s mobile research team says the following:
This malware hijacks the shutting down process of your mobile, so when the user turns the power off button to shut down their mobile, it doesn’t really shut down. After pressing the power button, you will see the real shutdown animation, and the phone appears off. Although the screen is black, it is still on.
While the phone is ‘shut down’, the malware can make outgoing calls, take pictures and perform many other tasks which the users isn’t aware of. However, for the malware to work, it seems that it needs an Android device to be “rooted.” Therefore, this could be one more reason not to root your smartphone, if you’re not sure what to do.
Most likely, the malware won’t show up in Google’s Play Store, but there’s a big chance for it to infiltrate among many third-party app stores which have less strict restrictions than Google. Also, it seems that the malware is affecting devices running Android versions below 5.0. To make sure you don’t get infect AVG recommends to use its own security products, but I suppose any good smartphone antivirus out there should do the job just done.