CopyCat Malware Affected 14 Million Android Devices: The malware affection which is stealing the data became too dangerous in these days. With the new malware discovered by Israel-based IT security provider Check Point revealed that affected over 14 million Android devices last year, rooting eight million of them and earning the hackers behind the attack approximately $1.5 million in fake ad revenues in two months.
The malware affected users mainly in Southeast Asia and spread to more than 2,80,000 Android users in the US. It is unclear who is behind the CopyCat attack, however, there are several connections to MobiSummer, an ad network located in China. The malware also refrains from targeting Chinese devices, suggesting the malware developers are Chinese and want to avoid any investigation by local law enforcement, a common tactic in the malware world.
According to the researchers, the campaign was spread via popular apps, repackaged with the malware and downloaded from third-party app stores, as well as phishing scams. There was no evidence that CopyCat was distributed on Google Play Store. In March this year, Check Point informed Google about the CopyCat campaign and how the malware operated.
According to the Google, they were able to quell the campaign, and the current number of infected devices is far lower than it was at the time of the campaign’s peak. Unfortunately, devices infected by CopyCat may still be affected by the malware even today.
The researchers said that, CopyCat first roots the user’s device, allowing the attackers to gain full control of the device and essentially leaving the user defenceless. CopyCat then injects code into the Zygote app launching process, allowing the attackers to receive revenues by getting credit for fraudulently installing apps by substituting the real referrer’s ID with their own.
No comments:
Write comments