CopyCat Malware Roots Devices, Shows Fraudulent Ads
Security Services, a security services company, has posted new information in malicious software integrated with certain applications installed outside the Google Play Store.
Malware CopyCat is capable of stopping the device, installing fraudulent applications, distributing fraudulent ads and stealing installation credits from the application.
All these features have been possible thanks to the exploitation of certain security breaks in the Android operating system, which should allow the malware root of infected devices.
The roots of infected devices is in itself a matter of great concern, since it opens the user to a wide range of security issues and exploits.
Once the device is rooted, the malicious software then tries to change the application code launch system for the Android operating system.
Modifying the application startup system also allows malware developers to monitor user activity.
This information could be used by developers to generate advertising revenue by displaying fraudulent ads in non-infected applications or stealing the credit facility from other developers’ applications.
As developers can remotely change attack targets from malicious software, they can also be used to infiltrate a corporate network or retrieve sensitive information stored on a device.
The malware has infected about 14 million Android devices, of which more than half are in Asia. Of the total number of infected devices, about $ 8 million were ingrained, probably without the user’s knowledge.
In addition, software installed by fraudulent malware on about 4.9 million devices, while owners of 3.8 million devices should treat advertising for malware.
Due to the large number of infected devices, malicious software developers CopyCat managed to earn about $ 1.5 million in advertising revenue.
It is likely that most affected devices installed Android 5.0 Lollipop, or even previous versions of the software because these vulnerabilities are present in the versions of the Android operating system.
It is not yet known exactly what group is behind the imitation malware, but the evidence suggests MobiSummer, a China-based advertising network.
While the company itself is not responsible for malware developers use the network infrastructure to earn advertising revenue.
Given the recent discovery of different malicious software embedded in some Android applications, it is important that users are more vigilant.
If CopyCat malware, just install the applications directly from the Google Play Store to prevent the device from becoming infected.