Skip to main content

CopyCat Malware Taking Android Devices By Storm

By July 22, 2017March 1st, 2023Cybersecurity

Researchers at the security firm Check Point have uncovered a new strain of malware they’re calling CopyCat that has taken the internet by storm, infecting millions of Android devices in South and Southeast Asia, for now. This malware could easily break out into other parts of the world.

Best estimates are that some 14 million devices have been infected over the last two months, with 8 million of those having been rooted. Those same estimates indicate that the software has generated more than $1.5 million in revenue from fake ads over that time period.

Although it’s not at all clear who owns and controls the software, there’s strong circumstantial evidence that it’s’ being spread primarily via the Chinese advertising company, MobiSummer, because:

• CopyCat and MobiSummer operate on the same server
• CopyCat and MobiSummer use the same remote services
• CopyCat has so far avoided targeting Chinese consumers, even though more than half the victims reside in Asia
• CopyCat uses several lines of code that have been signed by MobiSummer

According to the researchers, “It is important to note that while these connections exist, it does not necessarily mean the malware was created by the company, and it is possible the perpetrators behind it used MobiSummer’s code and infrastructure without the firm’s knowledge.”

There’s no evidence that the app has a presence on the Google Play store, so its spread has been a consequence of downloads from third-party app stores.

Google has been notified and has already updated Play Protect to block the malware, but the rate of infection shows no signs of stopping, and it might be a while before this one burns itself out.

It should also be noted that while most of the infections are in Asia, there are some 381,000 infected devices in Canada, and another 280,000 in the US, so tread carefully, especially if you’re using an older, unpatched Android device.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.