Among recent cyber threats across the Android, Linux, and Windows platforms, the CopyCat Android malware affected over 14 million Android devices (1.4 crore phones and tablets). The malware spread through illegal apps hosted in unofficial app markets rather than on Google Play. These fake apps ultimately earned the hackers $1.5 million (roughly Rs. 9.6 crores).
Daniel Padon, a mobile security researcher at Check Point, reported the malware to Google. The malware can get into Android devices by exploiting six different vulnerabilities in them.
Google still estimates that 50,000 devices, which currently run older software versions, remain affected, and the company has taken many protective measures to stop the malware from affecting its platform.
According to the researchers, CopyCat is “a fully developed malware with vast capabilities, including rooting devices, establishing persistence, and injecting code into the Zygote.”
Once a device is infected, CopyCat waits until the device reboots, after which it tries to root the device. To do so, the malware uses the six vulnerabilities in Android 5.0 Lollipop and an ‘upgrade’ acquired through Amazon Web Service storage.
Once this is done, the malware injects malicious code into Zygote, the app-launching process, and generates illicit revenue by installing apps and replacing the user’s referrer ID with that of the attackers.
Reportedly, 26 percent of CopyCat-infected devices showed fraudulent advertisements, while a good 30 percent of devices were used to steal credit for downloading and installing apps on the device.
Some time back, the Judy malware affected 36.5 million devices worldwide. Whether it’s Judy or CopyCat, some devices that are not updated are still open to hackers.
Users are advised to stick to the official app store, i.e., the Play Store, for app downloads and to avoid customizations, which often require root access.