Fear of an Android malware appears to be making waves
recently. It is called as CopyCat, and thus far, the malware has infected more
than 14 million devices worldwide.
recently. It is called as CopyCat, and thus far, the malware has infected more
than 14 million devices worldwide.
Researchers at Checkpoint said that the malware mainly roots
devices and hijacks apps to make millions in fraudulent revenue. Currently, bulk
of the devices affected by the CopyCat malware are in Asia, however, other
markets should not believe they are safe yet.
Over 280,000 Android devices are estimated to have been affected
by this dreaded CopyCat malware in the US. Google has been working for the past
two years, tracking the malware. It has updated PlayProtect to block the
malware. But, millions of devices are being affected via third-party app
downloads and phishing attacks.malware CopyCat
by this dreaded CopyCat malware in the US. Google has been working for the past
two years, tracking the malware. It has updated PlayProtect to block the
malware. But, millions of devices are being affected via third-party app
downloads and phishing attacks.malware CopyCat
How Copycats works
CopyCat play-acts to be a popular app. Once downloaded by an
innocent user, the app collects data about the infected device and downloads
rootkits to help root the smartphone, basically cutting off its security
system. Subsequently, CopyCat begins to download fake apps, and also takes
control of the device’s Zygote, the launcher for all the apps on your device.
innocent user, the app collects data about the infected device and downloads
rootkits to help root the smartphone, basically cutting off its security
system. Subsequently, CopyCat begins to download fake apps, and also takes
control of the device’s Zygote, the launcher for all the apps on your device.
Once the malware gets control of the Zygote, it gets the
knowledge of every app downloaded on the device, as well as those ones you
open.
knowledge of every app downloaded on the device, as well as those ones you
open.
CopyCat goes further to replace the Referral ID of your apps
with its own, which redirects ad revenue to the hackers instead of the app’s designers.
with its own, which redirects ad revenue to the hackers instead of the app’s designers.
According to the Checkpoint report, the malware has so far generated
over $1.5 million for the hackers.
over $1.5 million for the hackers.
Another interesting thing (though negative) about CopyCat is
that it checks the location of the infected device if it is in China. Thus far,
Chinese victims have been safe from the attacks. Possibly the perpetrators of
the cyberattack are based in China and are trying to avoid police
investigation.
that it checks the location of the infected device if it is in China. Thus far,
Chinese victims have been safe from the attacks. Possibly the perpetrators of
the cyberattack are based in China and are trying to avoid police
investigation.
The malware attack recorded the highest number of victims
between April and May of last year, and still affecting Android users today, especially
Android 5.0 users and earlier versions.
between April and May of last year, and still affecting Android users today, especially
Android 5.0 users and earlier versions.
Warning:
Downloading apps from third-party sites is risky at the moment.
Downloading apps from third-party sites is risky at the moment.