CopyCat Malware Infects Android Devices Worldwide

A new piece of adware dubbed CopyCat has infected xiv million Android devices around the globe, according to researchers at security firm Check Point.

CopyCat netted its distributors approximately $1.5 million in simulated ad revenues in just two months, Check Point'due south mobile research squad wrote in a blog post. The malware is predominantly spreading to Android devices in Southeast Asia, simply has already hit more than than 280,000 handsets in the Us.

"CopyCat is a fully developed malware with vast capabilities," the researchers wrote. Upon infection, CopyCat attempts to root a user'south device to gain full command of the handset. Information technology then injects lawmaking into the operating system'due south Zygote app launching procedure; this code allows the malware to "intervene in any activity on the device."

The malware uses two tactics to abuse the Zygote procedure and steal ad acquirement — it displays fraudulent pop-up ads on a user'southward screen and steals app installation credits. It besides installs fraudulent apps straight onto the device, netting its creators even more money.

As Cheque Point explained, advertisers are paid for displaying ads that pb to the installation of certain apps. CopyCat scams the mobile analytics platform Tune to fraudulently earn its revenue.

"CopyCat retrieves the package proper noun of the app that the user is viewing on Google Play, and sends it to its Command and Control server," the researchers wrote. "The server sends dorsum a referrer ID suited for the package proper name. This referrer ID belongs to the creators of the malware, and will later be used to make certain the acquirement for the installation is credited to them."

The researchers say these tactics "generate large amounts of profits for the creators of CopyCat, given the big number of devices infected by the malware."

CopyCat has managed to root 8 million of the 14 million devices it has infected. The campaign peaked between April and May 2022, spreading through phishing scams and popular apps that were repackaged with the malware and offered for download on third-party app stores. Check Point said there'south "no evidence" the malware made its manner into Google Play.

Check Indicate discovered the malware later on CopyCat attacked a business organization customer; it informed Google almost information technology in March.

"According to Google, they were able to quell the campaign, and the current number of infected devices is far lower than information technology was at the time of the entrada'southward peak," Check Betoken wrote. "Unfortunately, devices infected by CopyCat may even so be affected by the malware even today."

About Angela Moscaritolo

Angela Moscaritolo is PCMag's skilful on fitness and smart abode products. Educational activity yoga for nearly 10 years has helped her in evaluating a range of continued wellness products including fitness trackers, heart rate monitors, rowers, smart scales, stationary bikes, strength training machines, treadmills, and more. Angela also tests smart home devices from her ranch in Florida, including air purifiers, kitchen appliances, and robot vacuums, just to proper name a few.

Source: https://sea.pcmag.com/news/16474/copycat-malware-infects-android-devices-worldwide

Posted by: jacobsfure1940.blogspot.com

Share this post