Millions of Android Devices Hit With CopyCat Malware

Time and time again, we’ve seen Android malware make its way through mobile devices around the world. Now, a new mobile malware is here, and it has infected at least 14 million Android devices. Dubbed CopyCat, the malware has been found running a successful adware campaign, stealing credits earned by legitimate advertisers in the process.

The way CopyCat malware works is fairly simple. CopyCat spreads to users’ phones either through third-party app downloads or phishing. Once it has made its way to a device, the malware roots Android devices and injects its code into Zygote, a daemon tasked with launching apps on Android devices, which gives the malware a strong hold on affected devices. This allows the malware to then insert itself into the activity of all running apps.

From there, CopyCat commits both ad and app fraud by stealing credits earned by legitimate advertisers whenever one of their ads results in an application download, which are ultimately exchanged for revenue. This specific technique has never been seen before, and is actually more lucrative than traditional ad fraud. Plus, it’s experienced quite a bit of success already, as it claimed a whopping $1.5 million during a peak two-month period in 2016.

While the majority of victims of CopyCat are in Asia, more than 280,000 Android devices in the US have been hit by the attack. Therefore, no matter where you are, it’s important to start thinking of how to protect your Android device from this attack. To do just that, follow these tips:

-Always use legitimate app stores. Many victims of CopyCat were infected by downloading apps from third-party stores unaffiliated with Google Play. It’s crucial users only download applications from official stores, like Google Play or the Apple App store, to ensure they don’t become part of larger malware schemes like CopyCat.

-Keep your software updated. Even if you do avoid third-party app stores, remember that CopyCat can still spread through phishing scams. Therefore, to protect your devices from the attack, ensure all software is up-to-date, as updates typically include additional protection against emerging malware strains, such as CopyCat.

-Use a mobile security solution. As malware and adware campaigns continue to infect mobile applications, make sure your mobile devices are prepared for any threat coming their way. To do just that, cover these devices with a mobile security solution, such as McAfee Mobile Security.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

Leave a Comment

2 × two =