CopyCat Malware

CopyCat is a sophisticated form of mobile malware that has infected more than 14 million Android devices, according to some sources. The fully developed malware was discovered and named CopyCat by Check Point mobile threat researchers as a result of the malware taking credit (and generating revenue) for Android installations it didn’t create.

CopyCat roots more than half of the mobile devices it infects, meaning it gains access to key subsystems of the Android mobile operating system. This helped the hackers who created the malware generate more than $1.5 million in revenue from fake ads over the first two months after CopyCat’s release into the wild.

[Figure: CopyCat Malware. Source: Check Point Software]

How CopyCat Does Its Damage and Makes Money

In addition to being able to root Android devices, CopyCat can establish persistence, which means the malware can remain on the device essentially forever unless a patch is installed for the device. CopyCat is also able to inject code into Zygote, a daemon responsible for launching apps in the Android operating system, which enables CopyCat to control any activity on the Android device.

These capabilities have made it possible for CopyCat to generate revenue by fraudulently installing apps using a bogus referrer ID that awards credit for the install to the CopyCat hackers. CopyCat can additionally display fraudulent ads to users to generate additional revenue for the hackers.

How CopyCat Infects Android Devices

CopyCat can infect a device when a user downloads an infected app from a third-party app store (as opposed to the official Google Play store) or when the user clicks on a phishing email.

CopyCat successfully roots over 54% of the devices it infiltrates. It exploits numerous security vulnerabilities in older versions of the Android mobile operating system (Android 5 Lollipop and earlier) that haven’t been updated with the most recent security patches.

As a result, newer Android devices running Android Marshmallow and later, as well as older devices updated with the latest security patches, are completely protected from CopyCat.

Forrest Stroud
Forrest is an experienced, entrepreneurial and well-rounded professional with 15+ years covering technology, business software, website design, programming and more.
