CopyCat Malware Infects Over 14M Android Devices

FrgMstr

While over half of the CopyCat malware infections on Android are located in Asia, there are over 250K infections verified in the USA. This Android malware's primary function is one you might not notice easily either. It is going about making its money by hijacking advertisement identifiers. Basically, when you see an ad on your phone, company X gets paid. You still see the same advertisement, but this malware tells the ad seller that company Y gets credit for it instead of company X. While it does not seem that the code is getting used for a more nefarious purpose at this time, it surely could be used for purposes much worse. This malware is capable of rooting your Android phone.

The malware uses two tactics to steal ad revenue – displaying fraudulent ads and stealing referrer IDs of apps installed from Google Play.

Now how do you go about getting this malware on your device? You download and install 3rd party apps NOT from the Google Play store. If you have not done that, then there is likely no reason for concern. So don't do that! And you know you should not anyway.

There's no evidence that CopyCat was distributed on Google Play, Google’s official app store.


And it seems as if this has already been handled by Google as well, although not a lot of information is given on this. If anyone can find a reliable way to verify if you have this on your device, please pass that along as I cannot find any reliable information on how you might go about that.

Check Point researchers identified a mobile malware that infected 14 million Android devices, rooting approximately 8 million of them, and earning the hackers behind the campaign approximately $1.5 million in fake ad revenues in two months.
 
So...it's adware that doesn't hurt the host but instead hurts a 3rd party advertiser?

That's a new twist.
 
So...it's adware that doesn't hurt the host but instead hurts a 3rd party advertiser?

That's a new twist.

Not the 3rd party advertiser, more like the people that profit from ads on their apps are getting pwnd.
 
why should i care about people who profit on ads?
Both this malware and those ad apps can go die in a ditch for all i care.
 
250k infections in the U.S. on about 100 million user Android devices. So... I shouldn't worry about this at all.
 
Why do I the end user have to support a shitty business model that involves showing me content (ads) that i don't want?
Why or how is it my responsibility to generate ad money?
I mean if people want to make money showing ads, good for them. But ads do use up my electricity/bandwidth/data plan/user experience so there's a cost that i'm supposed to just take. If i have a choice, then i'll just get some ad-blocking software.
The content sites are free to use ad blocking detection software as well and deny me access. Good for them.
You do not. But when there is no content there for you for free, remember that is what you wanted.
 
Why do I the end user have to support a shitty business model that involves showing me content (ads) that i don't want?
Why or how is it my responsibility to generate ad money?
I mean if people want to make money showing ads, good for them. But ads do use up my electricity/bandwidth/data plan/user experience so there's a cost that i'm supposed to just take. If i have a choice, then i'll just get some ad-blocking software.
The content sites are free to use ad blocking detection software as well and deny me access. Good for them.
That model is the only way for some people to get access to some apps, since very few people are willing to pay for apps.

I personally download the free one first and if i like it enough, I buy it.
 
I'd rather pay out for an ad free version of something if i really like it.
Ad versions are just bad. Trialware used to be a thing.
If i had a rooted phone, i'd just use a modified hosts file to block most ads, even in apps.
How would you know ad versions are that bad if you never see them?
 
So...it's adware that doesn't hurt the host but instead hurts a 3rd party advertiser?

That's a new twist.

It's pretty ingenious. The less intrusive it is to the host, the more likely it could go unnoticed. The malware that mines bitcoins or steals day / passwords is intrusive. This? Not so much.
 
Ohh, there was an "if" before "i had a rooted phone".
Long story short, i updated from an easily rootable phone to a s7 edge which you can root, but it uses an engineering kernel with really lousy performance. Even with all the optimizations, it was significantly different than the stock kernel.
So all the neat stuff that i used to do (system wide ad blocking, cheat engine for games, titanium backup, etc) went out the door.
I was willing to compromise because it was a big upgrade from my old phone (note 4) and only cost me 200$ for a brand new s7 edge at the time.
FYI, firefox allows for extensions (ad blocking) natively without having to do anything crazy, so that's my browser of choice on android atm. However that doesn't stop in app ads.

I think you missed part of what Kyle was trying to bash you over the head with and you didn't gather. YOU ARE ON A FUCKING SITE THAT USES ADS TO MAKE MONEY.

Do you understand that point? Does the idea of that make its way into your head and connect parts of your brain that form intelligent thoughts?

Generalizing for a moment. You guys all want to bitch about sites having ads, however on the flip side you want to bitch that things like YouTube Red exist to allow you to pay for content if you want to, want to bitch about Twitch allowing you to subscribe, you want to bitch when sites charge you money to view their content. Money has to come from somewhere. Either you "pay" with ads for an app or site, or you pay with actual money to subscribe to every site you want to see content from. Kyle has already found out that trying to charge for access to this site didn't work, and trying to do it with ads alone doesn't work. He is busting his ass trying to keep a site alive and knows the struggle that content creators of any type online face. So when you try to say who cares who gets the money, just stop to think about people like Kyle (and the rest of the HardOCP crew) that create sites / content that you enjoy and try to make a living from trying to do that if they aren't making a single cent from you. Unless you are trying to tell Kyle to go fuck himself and that you hope this site goes under dragging him personally into such a deep financial hole that he is never able to get out of it. Do you understand why your comment makes little fucking sense here?
 
It's pretty ingenious. The less intrusive it is to the host, the more likely it could go unnoticed. The malware that mines bitcoins or steals day / passwords is intrusive. This? Not so much.

Wait there is malware that steals days? Holy shit, I think I am infected with that. Some times it seems like the week just goes by too fast and that I skipped a day or two somewhere, now I know why. It all makes so much sense now.
 
I think you missed part of what Kyle was trying to bash you over the head with and you didn't gather. YOU ARE ON A FUCKING SITE THAT USES ADS TO MAKE MONEY.

Do you understand that point? Does the idea of that make its way into your head and connect parts of your brain that form intelligent thoughts?

Generalizing for a moment. You guys all want to bitch about sites having ads, however on the flip side you want to bitch that things like YouTube Red exist to allow you to pay for content if you want to, want to bitch about Twitch allowing you to subscribe, you want to bitch when sites charge you money to view their content. Money has to come from somewhere. Either you "pay" with ads for an app or site, or you pay with actual money to subscribe to every site you want to see content from. Kyle has already found out that trying to charge for access to this site didn't work, and trying to do it with ads alone doesn't work. He is busting his ass trying to keep a site alive and knows the struggle that content creators of any type online face. So when you try to say who cares who gets the money, just stop to think about people like Kyle (and the rest of the HardOCP crew) that create sites / content that you enjoy and try to make a living from trying to do that if they aren't making a single cent from you. Unless you are trying to tell Kyle to go fuck himself and that you hope this site goes under dragging him personally into such a deep financial hole that he is never able to get out of it. Do you understand why your comment makes little fucking sense here?
Lol. I'm only bitching about ads. If sites that depended on ads disappeared, no loss.
 
You do realize this site depends on ads, right?

The post of mine he is replying to is fully typed out in English, right? I want somebody else to verify that I really did type it that way and that it is readable by English speaking people.
 
Yes, but I wanted to simplify it for him. Seems reading isn't his strong suit.
 
lol. I simply don't care. Any business model that leeches off my resources doesn't deserve to exist
 
This is a forum. Without the users it's nothing. WTF are you even on?

Whut?

This is a news and hardware review site with a forum. They have created content that cost and a cost of doing business in general. It isn't free to run the site.

Your comment is anything that leeches off your resources doesn't deserve to exist. You are referring to the fact that something is eating up either your cpu cycles, power or data and thus is taking away something from you. A computer does not contain its own renewable self contained power source. Instead you were sold a device that by design of its makers requires it to make use of resources that you have (power) in order to operate. The same is true for your tv, and everything else in your house. They were all designed with a business model that requires them to operate using your resources. Anything that is subscription based is based around the resource of your money and requires you to supply them with more money in order to use said service. Anything that is web based uses your data resource, cpu resource and gpu resource. Games use all these resources.
 
To get this thread back on its original topic. One thing that is "funny" about this attack is that it shows just how much different countries use 3rd party stores vs Google Play since that is where this infection comes from. So not really surprised that Asia and that area were the ones that got hit the hardest.
 
This is a news and hardware review site with a forum. They have created content that cost and a cost of doing business in general. It isn't free to run the site.

Your comment is anything that leeches off your resources doesn't deserve to exist. You are referring to the fact that something is eating up either your cpu cycles, power or data and thus is taking away something from you. A computer does not contain its own renewable self contained power source. Instead you were sold a device that by design of its makers requires it to make use of resources that you have (power) in order to operate. The same is true for your tv, and everything else in your house. They were all designed with a business model that requires them to operate using your resources. Anything that is subscription based is based around the resource of your money and requires you to supply them with more money in order to use said service. Anything that is web based uses your data resource, cpu resource and gpu resource. Games use all these resources.
As i said before, if they can make money out of it, all the power to them. What i also said before is that ads cost me money and it's not something i want, unlike the content and games and everything else i do on my computer. Thus i filter them out. I don't really see the problem here. There's no social agreement to accept ads, it's not a morally superior stance nor does it make sense logically to allow it.
And like i said before, if it's a big problem, people can add ad block detection scripts and prevent filtering like some big sites do (forbes for example). And if they did that i would just find another place.
 