Following the recent outbreak of WannaCry and Petya/NotPetya malware, which targetted Windows machines, an Android malware is making headlines. According to a new report published by the Check Point researchers, CopyCat has infected about 14 million Android smartphones and rooted about 8 million of them.
If you’re interested in numbers, after the infection of CopyCat, about 3.8 million devices served fraudulent ads, 4.9 million fake apps were installed, and 4.4 million devices stole credit for installing applications. It should be noted that the CopyCat malware reached its peak between April and May 2016.
The security researchers first came across the malware when it attacked the devices protected by Check Point SandBlast Mobile. By retrieving the information from malware’s Command and Control servers, they were able to get an idea of the working of CopyCat malware.
CopyCat malware was able to infect so many devices with the help of phishing scams and third-party app stores which had popular apps, repackaged with malware. Researchers didn’t find any clue of CopyCat being distributed via Google Play Store.
Talking about its abilities, CopyCat is a fully-developed malware with dangerous capabilities like rooting devices and persistency enablement. It’s also able to inject code into Zygote, which is a daemon responsible for launching apps in Android OS.
Submitted by: Arnfried Walbrecht