Posted by Kyle 11:08 AM (CDT)
Friday July 07, 2017
While over half of the CopyCat malware infections on Android are located in Asia, there are over 250K infections verified in the USA. This Android malware's primary function is one you might not notice easily either. It is going about making its money by hijacking advertisement identifiers. Basically, when you see an ad on your phone, company X gets paid. You still see the same advertisement, but this malware tells the ad seller that company Y gets credit for it instead of company X. While it does not seem that the code is getting used for a more nefarious purpose at this time, it surely could be used for purposes much worse. This malware is capable of rooting your Android phone.
The malware uses two tactics to steal ad revenue-displaying fraudulent ads and stealing referrer IDs of apps installed from Google Play.
There's no evidence that CopyCat was distributed on Google Play, Google’s official app store.
Check Point researchers identified a mobile malware that infected 14 million Android devices, rooting approximately 8 million of them, and earning the hackers behind the campaign approximately $1.5 million in fake ad revenues in two months.