CopyCat Malware

CopyCat is a sophisticated form of mobile malware that has infected more than 14 million Android devices, according to some sources. The fully developed malware was discovered and named CopyCat by Check Point mobile threat researchers as a result of the malware taking credit (and generating revenue) for Android installations it didn’t create.

The CopyCat malware roots, or gains access to key subsystems of the Android mobile operating system, more than half of the mobile devices it infects, which helped enable the hackers that created the malware to generate more than $1.5 million in revenues from fake ads over the first two months of CopyCat’s release into the wild.

CopyCat Malware

Source: Check Point Software

How CopyCat Does Its Damage and Makes Money

In addition to being able to root Android devices, CopyCat can establish persistency, which means the malware can remain in the device essentially forever unless a patch is installed for the device. CopyCat is also able to inject code into Zygote, a daemon responsible for launching apps in the Android operating system, which enables CopyCat to control any activity on the Android device.

These capabilities have made it possible for CopyCat to generate revenue by fraudulently installing apps using a bogus referrer ID that awards credit for the install to the CopyCat hackers. CopyCat can additionally display fraudulent ads to users to generate additional revenue for the hackers.

How CopyCat Infects Android Devices

In terms of how it gets onto Android devices in the first place, the CopyCat malware can infect a device when a user downloads an infected app from a third-party app store (as opposed to the official Google Play store) or when the user clicks on a bogus phishing email.

Once infected, over 54% of the devices CopyCat infiltrates are successfully rooted by the mobile malware. CopyCat exploits numerous security vulnerabilities in older versions of the Android mobile operating system (Android 5 Lollipop and earlier) that haven t been updated with the most recent security patches.

As a result, newer Android devices running Android Marshmallow and later, as well as older devices updated with the latest security patches, are completely protected from CopyCat.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.

Top Articles

List of Windows Operating System Versions & History [In Order]

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

What are the Five Generations of Computers? (1st to 5th)

Reviewed by Web Webster Each generation of computer has brought significant advances in speed and power to computing tasks. Learn about each of the...

Hotmail [Outlook] Email Accounts

Launched in 1996, Hotmail was one of the first public webmail services that could be accessed from any web browser. At its peak in...

SHA-256

SHA-256 is an algorithm used for hash functions and is a vital component...

Document Management System

A document management system is an automated software solution businesses and organizations use...

Conti Ransomware

Conti ransomware first emerged in 2020. It uses a ransomware as a service...