CopyCat Malware

CopyCat is a sophisticated form of mobile malware that has infected more than 14 million Android devices, according to some sources. The fully developed malware was discovered and named CopyCat by Check Point mobile threat researchers as a result of the malware taking credit (and generating revenue) for Android installations it didn’t create.

The CopyCat malware roots, or gains access to key subsystems of the Android mobile operating system, more than half of the mobile devices it infects, which helped enable the hackers that created the malware to generate more than $1.5 million in revenues from fake ads over the first two months of CopyCat’s release into the wild.

CopyCat Malware

Source: Check Point Software

How CopyCat Does Its Damage and Makes Money

In addition to being able to root Android devices, CopyCat can establish persistency, which means the malware can remain in the device essentially forever unless a patch is installed for the device. CopyCat is also able to inject code into Zygote, a daemon responsible for launching apps in the Android operating system, which enables CopyCat to control any activity on the Android device.

These capabilities have made it possible for CopyCat to generate revenue by fraudulently installing apps using a bogus referrer ID that awards credit for the install to the CopyCat hackers. CopyCat can additionally display fraudulent ads to users to generate additional revenue for the hackers.

How CopyCat Infects Android Devices

In terms of how it gets onto Android devices in the first place, the CopyCat malware can infect a device when a user downloads an infected app from a third-party app store (as opposed to the official Google Play store) or when the user clicks on a bogus phishing email.

Once infected, over 54% of the devices CopyCat infiltrates are successfully rooted by the mobile malware. CopyCat exploits numerous security vulnerabilities in older versions of the Android mobile operating system (Android 5 Lollipop and earlier) that haven t been updated with the most recent security patches.

As a result, newer Android devices running Android Marshmallow and later, as well as older devices updated with the latest security patches, are completely protected from CopyCat.

Forrest Stroud
Forrest Stroud
Forrest is a writer for Webopedia. Experienced, entrepreneurial, and well-rounded, he has 15+ years covering technology, business software, website design, programming, and more.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Embedded Analytics

Embedded analytics brings self-service business intelligence to everyday application users.

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their workforce operations. They provide a central platform for human resources professionals...

Complete List of Cybersecurity Acronyms

Cybersecurity news and best practices are full of acronyms and abbreviations. Without understanding what each one means, it's difficult to comprehend the significance of...

Human Resources Management System

A Human Resources Management System (HRMS) is a software application that supports many functions of a company's Human Resources department, including benefits administration, payroll,...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...