CopyCat Malware Affected Over 14 Million Android Devices: Check Point

Advertisement
By Shubham Verma | Updated: 7 July 2017 18:28 IST
Highlights
  • CopyCat malware campaign stole ad revenues by installing fraud apps
  • It first infected the Android devices and then tried to root them
  • Google had quelled the CopyCat campaign and lowered the threat
CopyCat Malware Affected Over 14 Million Android Devices: Check Point

The cyber threats have increasingly grown with time on multitude of platforms such as Android, Linux, and Windows to name a few. Researchers have now found that CopyCat Android malware had affected over 14 million devices last year, succeeding in rooting at least eight million of them. The malware made its way to the devices via malicious apps available inside illegitimate app markets, instead of Google Play, to earn as much as $1.5 million (roughly Rs. 9.6 crores) in fake ad revenues in two months, the researchers said.

A study conducted by Check Point researchers has revealed that the CopyCat malware could seep into the Android devices by harnessing six different vulnerabilities possessed by them, and used a novel technique to generate and steal ad revenues. It infected more than 280,000 Android users in the United States, while its major target was Southeast Asian countries. The CopyCat malware was being spread under a campaign and it used to infect device and subsequently root them, gaining the full control of the smartphone.

The researchers define CopyCat as "a fully developed malware with vast capabilities, including rooting devices, establishing persistency, and injecting code into the Zygote", which is a primary Android app launching process. After a device is infected by CopyCat, it further holds itself until the device reboots and then it tries to root the device. As an attempt to root the device, the malware uses six vulnerabilities possessed by Android 5.0 Lollipop and earlier versions through an 'upgrade' acquired through Amazon Web Service storage. Although the flaws found by researchers was capable enough for earlier Android versions, it could still be persistent in the devices that have not been patched or updated in last two years.

As we said, after it exploits the vulnerabilities of Android, the CopyCat malware starts the malicious code injection process to the Zygote app launching process and then generates illicit revenue by installing apps and further replacing the user's referrer ID with that of attackers. It additionally starts displaying fraud ads and apps. This kind of a technique was earlier used by the Triada Trojan, which targeted devices to gain superuser privileges before making use of regular Linux debugging tools to embed its DLL and infect mobile browsers.

Advertisement

Talking about the stats, about 26 percent of the CopyCat infected devices showed fraudulent advertisements, while a good 30 percent devices were operated to steal credit for downloading and installing the apps on the device. In addition, the study mentions that the malware also shared the device's information to CopyCat's control centres.

Google was able to subdue the impact of the CopyCat malware campaign back when the outbreak happened, gradually reducing the number of affected devices, however devices that haven't been updated could still be open to attackers. We recommend users stick to official app stores for their app downloads.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement
Popular Mobile Brands
  1. Honor X9c 5G With 6,600mAh Battery Launched in India: Price, Features
  2. Samsung's Galaxy Z Fold 7 Said to Get a Significant Price Hike in India
  3. Lumio Arc 5, Arc 7 Projectors Launched in India: Price and Specifications
  4. HP OmniBook 5, OmniBook 3 Series Launched in India: Price, Features
  5. iPhone 17 Pro Series Render Shows Repositioned Apple Logo, New MagSafe Design
  6. OpenAI Might Combine Reasoning and Multimodality With GPT-5 AI Model
  7. Narivetta OTT Release Date: When and Where to Watch This Political Drama Online?
  1. Samsung May Upgrade AI-Powered Audio Eraser Feature in One UI 8 With Real-Time Editing Support
  2. Telecom Operators Could Hike Mobile Tariff Again as Active Subscribers Saw Sharp Growth: Report
  3. Samsung Galaxy Z Fold 7 Tipped to Get a Noticeable Price Hike Over Galaxy Z Fold 6 in India
  4. HP OmniBook 5, OmniBook 3 Series With Latest AMD and Snapdragon Processors Launched in India
  5. TikTok Building New Version of App Ahead of Expected US Sale: Report
  6. Infinix Hot 60 5G+ India Launch Date Set for July 11; to Get a Custom One Tap AI Button
  7. Thammudu Explores an Emotional Night of Conflict, Courage, and Family Ties
  8. Samsung Galaxy Z Flip 7 FE Global Variant Spotted on Geekbench With An Exynos 2400 SoC
  9. OpenAI Plans to Unify Capabilities From Its GPT and O Series With the Release of GPT-5 AI Model
  10. iPhone 17 Pro, iPhone 17 Pro Max Leaked Render Shows Repositioned Apple Logo, New MagSafe Design
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.