Skip to main content

CopyCat Has Infected About 14 Million Android Smartphones And Rooted About 8 Million Of Them

copycat malware hackers
The Check Point security researchers have published the details of a massive malware campaign that infected Android smartphones. Called CopyCat, this malware was able to infect about 14 million devices and root 8 million of them. The malware was spread via phishing and third-party app stores which hosted malicious versions of popular apps.
While the malware campaign has been stopped, it’s possible that your phone might be infected due to a prior infection.
According to a new report published by the Check Point researchers, CopyCat has infected about 14 million Android smartphones and rooted about 8 million of them.
If you’re interested in numbers, after the infection of CopyCat, about 3.8 million devices served fraudulent ads, 4.9 million fake apps were installed, and 4.4 million devices stole credit for installing applications. It should be noted that the CopyCat malware reached its peak between April and May 2016.
The security researchers first came across the malware when it attacked the devices protected by Check Point SandBlast Mobile. By retrieving the information from malware’s Command and Control servers, they were able to get an idea of the working of CopyCat malware.

copycat malware working
Image: Check Point

CopyCat malware was able to infect so many devices with the help of phishing scams and third-party app stores which had popular apps, repackaged with malware. Researchers didn’t find any clue of CopyCat being distributed via Google Play Store.
Talking about its abilities, CopyCat is a fully-developed malware with dangerous capabilities like rooting devices and persistency enablement. It’s also able to inject code into Zygote, which is a daemon responsible for launching apps in Android OS.
By using the state-of-the-art technology to perform various types of ad fraud, CopyCat first roots the device and allows the notorious agents to gain full control of the device. By launching the malicious code in Zygote, the hacker is able to get revenue by getting credit for illegally installing apps with his/her own ID. Hacker also uses the control over the system to display fake ads and install fraudulent apps. By using these tactics, a large amount of profit has been generated by the creators of CopyCat adware.

Image: Check Point

Earlier this year in March, Check Point informed Google about the CopyCat malware campaign and its working. As a result, the infection was curbed. However, it’s possible that your device might be still infected by CopyCat.
As more than 50% of the devices were rooted due to outdated security patches, just like any other operating system, Android users must keep their systems updated and follow standard security practices.



Learn How To Download Videos From Popular Platforms Such As YouTube, Facebook, Twitter, Instagram And Any Others

Having trouble downloading that video your crush shared on Instagram or one of those adorable cat videos on YouTube? Refer our guide to learn how to download videos from popular platforms such as YouTube, Facebook, Twitter, Instagram and many others.

Microsoft Has Released The First Windows 10 Build 16353 For Insiders

As Fall Creators Update is nearing its release, Skip Ahead was announced last month. It enables fast ring users to continue receiving new features, though the RS_PRERELEASE

Amazon Cuts Huawei Watch 2 Price To $194.99

Huawei's latest smartwatch has received a temporary price cut in the United States. There is no word on how long the promotion will last, but those interested

Apple Has Confirmed The LTE Issues With Its New Watch Series 3

Before the product starts shipping on Friday, Apple has confirmed the existence of LTE issues with its new Apple Watch Series 3. Reviewers noted the wearable has