Incident: Android Malware Hijacks Shutdown Process, Allows Unauthorized Activities

Published Date: 2015-02-20

Postmortem Analysis
Timeline
1. The software failure incident of the Android malware occurred in February 2015.

System
1. Android phones and tablets running older versions of Android, before Android KitKat [33721]

Responsible Organization
1. Malicious hackers [33721]

Impacted Organization
1. Android phone and tablet users were impacted by the malware that hijacked the shutting down process, allowing the malware to make calls, send messages, and access files and apps [33721].

Software Causes
1. Malware installed through infected apps [33721]
2. Hijacking the shutting down process code to gain root permission [33721]
3. Fake dialogue pop-up designed to look like the Android Power off menu [33721]

Non-software Causes
1. The malware was installed when the user downloaded infected apps from app stores, indicating a lack of proper security measures in app store vetting processes [33721].
2. The malware affected phones running older versions of Android, suggesting potential vulnerabilities in those specific versions that were exploited by the malware [33721].

Impacts
1. The malware incident resulted in phones and tablets appearing to be switched off when in reality the malware was running in the background, allowing it to make calls, send messages, and access files and apps without the user's knowledge [33721].
2. Users were at risk of having their devices controlled by the malware, enabling hackers to perform any task they desired on the infected devices [33721].
3. The malware affected phones running older versions of Android, specifically those before Android KitKat, potentially leaving a significant number of devices vulnerable to the attack [33721].

Preventions
1. Ensuring users download apps only from trusted sources like the Google Play Store could have prevented the malware installation [33721].
2. Implementing stricter security measures in app stores to detect and prevent the distribution of infected apps could have helped prevent the malware from spreading [33721].
3. Regularly updating the Android operating system to the latest version could have mitigated the vulnerability exploited by the malware, as the incident mainly affected older versions of Android [33721].

Fixes
1. Running a scan using an antivirus app to detect and remove the malware files [33721].

References
1. Security researchers [33721]
2. Amsterdam-based antivirus firm [33721]
3. AVG [33721]

Software Taxonomy of Faults

Category: Recurring
Option: multiple_organization
Rationale:
(a) The software failure incident related to the malware affecting Android phones and tablets by hijacking the shutting down process has not been specifically mentioned to have happened again within the same organization or with its products and services. Therefore, there is no information available regarding a similar incident happening again at one specific organization.
(b) The article mentions that the outbreak of the malware affecting Android phones and tablets appears to have originated in China and seems to only affect phones running older versions of Android, before Android KitKat. This suggests that similar incidents related to this malware may have occurred in multiple organizations or with their products and services, especially if they are using older versions of Android. However, the article does not provide specific examples or instances of this incident happening again at other organizations.

Category: Phase (Design/Operation)
Option: design, operation
Rationale:
(a) The software failure incident in the article is related to the design phase. The malware described in the article takes advantage of a specific design flaw in Android phones and tablets. When the power button is pressed, the malware shows a fake dialogue pop-up designed to look like the Android Power off menu, making the phone appear to be switched off while the malware continues to run in the background [33721].
(b) The software failure incident in the article is also related to the operation phase. Users unknowingly download infected apps that contain the malware, which then operates by hijacking the shutting down process of the mobile device. The malware can make calls, send messages, access files, and perform various tasks without notifying the user while the phone appears to be turned off [33721].

Category: Boundary (Internal/External)
Option: within_system
Rationale:
(a) The software failure incident described in the article is primarily within_system. The malware is installed when the user downloads infected apps, and it hijacks the shutting down process of the mobile device, making it appear to be turned off while still running in the background and performing malicious activities like making calls, sending messages, and accessing files and apps [33721]. The malware operates by exploiting a vulnerability within the Android system, specifically targeting older versions of Android devices before Android KitKat. The malicious behavior is initiated and controlled by the malware itself once it gains root permission on the device, indicating that the failure originates from within the system.

Category: Nature (Human/Non-human)
Option: non-human_actions
Rationale:
(a) The software failure incident in the article was primarily due to non-human actions. The incident involved a malware that exploited the power-saving technique of turning off Android phones when the power button is pressed. The malware would make the phone appear to be switched off while running in the background, allowing it to make calls, send messages, and access files and apps without the user's knowledge [33721]. This failure was introduced by the malware itself, without direct human participation in the exploitation of the power-off process.

Category: Dimension (Hardware/Software)
Option: hardware, software
Rationale:
(a) The software failure incident in the article is related to hardware as it involves a malware that takes advantage of the power-saving technique of turning off Android phones and tablets. The malware kicks in when the power button is pressed, making the phone appear to be switched off while it is actually running in the background, allowing it to make calls, send messages, and access files and apps [33721].
(b) The software failure incident is also related to software as the malware is installed when the user downloads infected apps. The malware shows a fake dialogue pop-up designed to look like the Android Power off menu, tricking users into believing their phone is shutting down when it is not. The malware then gains control of the phone, allowing the hacker to perform various tasks without the user's knowledge [33721].

Category: Objective (Malicious/Non-malicious)
Option: malicious
Rationale:
(a) The software failure incident described in the article is malicious in nature. It involves a malware that is designed to deceive users by making the phone appear to be switched off while actually running in the background and performing unauthorized actions such as making calls, sending messages, and accessing files and apps without the user's knowledge or consent. The malware is installed through infected apps and takes advantage of the power-saving technique of turning the phone off to carry out its malicious activities [33721].

Category: Intent (Poor/Accidental Decisions)
Option: poor_decisions
Rationale:
(a) The software failure incident described in the article is related to poor_decisions. The incident involves a malware that takes advantage of the power-saving technique where users turn off their Android phones by pressing the power button. The malware, once installed through infected apps, hijacks the shutting down process of the phone, making it appear to be turned off while it continues to run in the background. This malware can then make calls, send messages, access files and apps, and perform various tasks without the user's knowledge. The malware tricks users by showing a fake dialogue pop-up resembling the Android Power off menu, leading users to believe their phone is shutting down when it is actually still active. This incident highlights the consequences of poor decisions made by hackers to exploit users' trust in the power-off functionality of their devices [33721].

Category: Capability (Incompetence/Accidental)
Option: development_incompetence
Rationale:
(a) The software failure incident in the provided article can be attributed to development incompetence. The incident involved a malware that hijacked the shutting down process of Android phones, making them appear to be switched off while actually running in the background to make calls, send messages, and access files and apps. This malware was installed when users downloaded infected apps, indicating a lack of professional competence in ensuring app security and preventing malware infiltration [33721].
(b) The software failure incident can also be categorized as accidental. Users unintentionally downloaded infected apps that contained the malware, leading to the exploitation of the power button functionality on Android devices. The malware was designed to deceive users into thinking their phones were turned off when in reality they were still operational, allowing the malware to perform unauthorized actions without the users' knowledge. This accidental installation of the malware highlights the risks associated with downloading apps from untrusted sources [33721].

Category: Duration
Option: permanent, temporary
Rationale:
(a) The software failure incident described in the article is more likely to be considered permanent. The malware described in the article is designed to remain active even when the user believes their phone is turned off. The malware runs in the background, making calls, sending messages, and accessing files and apps without the user's knowledge. It hijacks the shutting down process of the mobile device, giving the hacker control over the device's functions even when it appears to be powered off. This indicates a persistent and ongoing impact of the software failure incident [33721].
(b) The software failure incident can also be seen as temporary in the sense that it only affects phones running older versions of Android, specifically those before Android KitKat. This limitation suggests that the malware's impact is temporary in the sense that it is not universal across all Android devices but rather specific to certain versions of the operating system [33721].

Category: Behaviour
Option: crash
Rationale:
(a) crash: The software failure incident described in the article can be categorized as a crash. The malware mentioned in the article causes the phone to appear to be switched off, but in reality it continues to run in the background, making calls, sending messages, and accessing files and apps. This behavior indicates a failure of the system to maintain its intended state of being powered off when the power button is pressed, resulting in a crash-like scenario where the system loses its expected state and functionality [33721].

IoT System Layer

Layer: Perception
Option: None
Rationale: None

Layer: Communication
Option: None
Rationale: None

Layer: Application
Option: None
Rationale: None

Other Details

Category: Consequence
Option: property, non-human, theoretical_consequence, other
Rationale:
(a) death: There is no mention of any deaths resulting from the software failure incident in the provided article [33721].
(b) harm: The article does not mention any physical harm caused to individuals due to the software failure incident [33721].
(c) basic: The incident did not impact people's access to food or shelter [33721].
(d) property: People's material goods, money, or data were potentially impacted by the malware as it could make calls, send messages, and access files and apps on the infected devices [33721].
(e) delay: There is no mention of any activities being postponed due to the software failure incident [33721].
(f) non-human: The software failure incident primarily affected Android phones and tablets, which are non-human entities [33721].
(g) no_consequence: The article does not state that there were no real observed consequences of the software failure incident [33721].
(h) theoretical_consequence: The article discusses potential consequences of the malware, such as making calls, sending messages, accessing files and apps, and taking pictures without the user's knowledge [33721].
(i) other: The malware could perform various tasks without notifying the user, potentially leading to privacy breaches and unauthorized access to personal information [33721].

Category: Domain
Option: information
Rationale: The software failure incident described in the article is related to the information industry. The malware discussed in the article targets Android phones and tablets, affecting the production and distribution of information by allowing unauthorized access to make calls, send messages, and access files and apps on the infected devices [33721].

Sources
