Security & Fraud

CopyCat Malware Strikes 14M Androids

In cybersecurity news, as many as 14 million Google Android devices were hit with malicious ransomware that, as part of a widespread campaign, has been dubbed CopyCat, Fortune Magazine reported.

The malware raised up to a million dollars, tricking users with fraudulent app installations and advertising, the financial publication noted. The information came from Check Point Software Technologies, which is a cybersecurity firm.

The malware campaign stretched across April and May of 2016 and had as its breeding ground third-party app stores, among other conduits, skirting Google Play. There are still Google Android devices affected from the cyberattack, Check Point said, with a tally of 50,000 devices. The key areas impacted include Pakistan and Bangladesh, with cases seen in the United States as well.

The ransomware was able to gain “root” control over eight million devices and inundated users with 100 million bogus ads. “This is the first adware discovered using this technique,” said Check Point researchers.

The campaign also harkens back to a tech startup based in China known as MobiSummer, though the researchers said that the cyberattack was not necessarily created by the company and, as Fortune reported, may indeed have been an “unwitting” agent of the campaign.

In an interview with Fortune, Aaron Stein, a Google spokesperson, said Google Play Protect would protect phones against such malware, stating that “CopyCat is a variant of a broader malware family that we’ve been tracking since 2015. Each time a new variant appears, we update our detection systems to protect our users,” Stein said. “Play Protect secures users from the family, and any apps that may have been infected with CopyCat were not distributed via Play.”


New PYMNTS Report: The CFO’s Guide To Digitizing B2B Payments – August 2020 

The CFO’s Guide To Digitizing B2B Payments, a PYMNTS and Comdata collaboration, examines how companies are updating their AP approaches to protect their cash flows, support their vendors and enable their financial departments to operate remotely.

Click to comment