Copycat Malware – What You Need To Know
Copycat Malware is a well-known Android adware family that has infected more than 14,000,000 devices and rooted more than 8,000,000 in the last year and a half. By one estimate, it made around $1.5 for its developers. According to the security company Check Point, it used five different exploits to root Android devices. The rooting exploits are namely:
- CVE-2013-6282 (vroot)
- CVE-2015-3636 (PingPong Root)
- CVE-2014-3153 (Towelroot)
After rooting the Android device, Copycat Malware can control the launch of applications by accessing the Android core processes. These exploits work on older versions of Android, namely Android 5 or earlier, and there is still a very large installed base of such devices.
How Copycat Malware Spreads:
Copycat Malware circulated through third-party app stores and online forums. Most of the victims are in Southeast Asia. China, however, was avoided, possibly because the people behind the malware are located in China and wanted to avoid investigation by the Chinese authorities. According to Check Point, the Copycat adware has a connection with Chinese ad companies. In the past, investigations have concluded that the "HummingBad" and "YiSpecter" adware families are related to a company called "Yingmob" and, similarly, that the "Judy" adware is related to a company called "Kiniwini."
According to cyber experts, applications infected with Copycat Malware were never able to make their way into the Google Play store. It was the first infection that successfully infected the core processes of Android. The purpose of this adware is to show sponsored ads and pop-ups, even when the user is in legitimate apps. Copycat Malware can also install third-party applications without consent and steal personal information from the user. The image below shows the Copycat Malware operating mode and the countries where it has infected the most devices.
Asian users were hit hardest, with Indian users in first position. But there were also over 250 thousand infections in the US and 381 thousand in Canada. The peak of the infection occurred in April and May 2016, after which the spread of the malware seems to have suffered a setback.
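The two exposure conditions described above (Android 5 or earlier, and apps obtained outside Google Play) can be checked on a device you manage. The following is an added example, not code from Check Point or the original article; it parses the output of `adb shell getprop` and `adb shell pm list packages -3 -i`, and the function names and sample data are constructed for illustration.

```python
import re

MAX_AFFECTED_SDK = 22  # API level of Android 5.1; the page gives "Android 5 or earlier"
PLAY_INSTALLER = "com.android.vending"
PROP_RE = re.compile(r"^\[([^\]]+)\]: \[([^\]]*)\]$")
PKG_RE = re.compile(r"^package:(\S+)\s+installer=(\S+)$")

def parse_getprop(text):
    """Parse `adb shell getprop` output into a dict."""
    matches = (PROP_RE.match(l.strip()) for l in text.splitlines())
    return {m.group(1): m.group(2) for m in matches if m}

def sideloaded_packages(text):
    """Packages from `pm list packages -3 -i` whose installer is not Google Play."""
    matches = (PKG_RE.match(l.strip()) for l in text.splitlines())
    return sorted(m.group(1) for m in matches if m and m.group(2) != PLAY_INSTALLER)

def triage(getprop_text, packages_text):
    props = parse_getprop(getprop_text)
    sdk_raw = props.get("ro.build.version.sdk", "")
    sdk = int(sdk_raw) if sdk_raw.isdigit() else None
    return {
        "release": props.get("ro.build.version.release", "unknown"),
        "sdk": sdk,
        # An unreadable SDK level counts as in range so the device is reviewed.
        "in_affected_range": sdk is None or sdk <= MAX_AFFECTED_SDK,
        "sideloaded": sideloaded_packages(packages_text),
    }

# Constructed sample output, not taken from a real device.
SAMPLE_GETPROP = """\
[ro.build.version.release]: [5.1.1]
[ro.build.version.sdk]: [22]
"""
SAMPLE_PACKAGES = """\
package:com.example.game  installer=null
package:com.example.mail  installer=com.android.vending
package:com.example.wallpaper  installer=com.example.thirdpartystore
"""

if __name__ == "__main__":
    print(triage(SAMPLE_GETPROP, SAMPLE_PACKAGES))
```

Neither result indicates infection; together they mark devices where both conditions from the article are present and a closer look is warranted.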