The sophisticated CopyCat malware is an adaptable sample, capable of changing its functionality according to its established objective. The virus aims to infect mobile devices, more specifically, Android operating systems that have fallen behind on security. Thanks to users’ reckless attitudes and refusals to update their phones to the latest versions, their devices might have helped the controllers of CopyCat earn a ton of money.
It has been estimated that CopyCat concealed its activity for about two months while successfully affecting people from all over the world. The infection appears to have hidden itself quite professionally, as its harmful procedures remained undetected for a solid amount of time. The fact that nearly 2 million dollars may have been obtained by the authors of CopyCat makes the situation even more unfortunate and devastating. Android users from Asia and the USA were the most common victims of this malware, which successfully initiated ad fraud.
Multiple vulnerabilities of the Android operating system were exploited by hackers. After a thorough analysis of this malware, it was determined that it might have something to do with the legitimate company MobiSummer. It is an ad-based company that engages in online advertising strategies. Nevertheless, there is not enough evidence to suggest a clear link between this enterprise and the malware. It is possible that the real hackers intended this detail to be found and wished to put the blame on a company that has nothing to do with this sham.
Surprisingly, CopyCat malware is not a new infection. In fact, its first appearance was announced about a year ago. Now, the activity of this infection has significantly intensified, and its behavior has generated thousands in revenue for suspicious parties. It appears that the malware entered operating systems via the Google Play store. Malicious applications hid behind seemingly trustworthy apps. After a counterfeit app is installed on an operating system, it can check the current status of a device and shut down its security measures. Then the malware can take some control over the device and begin completing its fraudulent objectives.