A new malware comes to the Android SmartPhones and It has infected more than fourteen million Android smartphones all around the globe, according to the researchers of CheckPoint, it roots the Android and hacks all the applications installed on the smartphone to gain ad revenues.
The victims of this malware named as CopyCat, mostly belong to Asia, the number of devices which were affected by this malware is more than 280,000 in Asia. This malware is tracked by Google from last two years, but after all millions of devices still affected because of third party application downloads and by Phishing attacks.
According to Check Point, there is no official statement or evidence that this malware is distributed in the Google Play Store. Google has updated the Play Protect which helps users to secure themselves from CopyCat malware. “Play Protect secures users from the Malware and any apps that may have been infected with CopyCat,” Google’s statement.
As per its name, this malware shows itself as a popular application on the third party stores like SimSimi, it has more than fifty million downloads on the Google Play Store. After the download of this malware, it collects the data of the infected smartphone and download the rootkits of the model of infected smartphone and cuts the security of the smartphone.
Then CopyCat starts downloading other applications to your smartphone and hacks your smartphone’s Zygote — the launcher for every app on your phone. When this malware controls the Zygote, then it knows the every new application that you download and the applications that you opening as well.
It also changes the Referrer ID on your applications, that means every ad that is opening on your smartphone will give earning to the Hackers rather than application creator. It also shows their own ads for more income of hackers.
More than 4.9 million applications are infected by this malware which shows around one hundred million ads only in two months which helps hackers in making more that 1.5 million dollars. No one knows who is behind this attack but the servers of this malware and ad network MobiSummer are operated by the same server which showing that this Company may be doing this.
The preponderance of infected devices belongs to Pakistan, Bangladesh, India, Myanmar, and Indonesia. Around 381,000 Android devices are infected by this malware in Canada. This malware is targeting running Below the Android of 5.0 because their security patches are two years old. You can protect yourself by using Play Protect, which is updated regularly.