CopyCat Malware Infects Over 14M Android Devices

Discussion in 'HardForum Tech News' started by FrgMstr, Jul 7, 2017.

  1. FrgMstr

    FrgMstr Just Plain Mean Staff Member

    Messages:
    48,510
    Joined:
    May 18, 1997
    While over half of the CopyCat malware infections on Android are located in Asia, there are over 250K infections verified in the USA. This Android malware's primary function is one you might not notice easily either. It is going about making its money by hijacking advertisement identifiers. Basically, when you see an ad on your phone, company X gets paid. You still see the same advertisement, but this malware tells the ad seller that company Y gets credit for it instead of company X. While it does not seem that the code is getting used for a more nefarious purpose at this time, it surely could be used for purposes much worse. This malware is capable of rooting your Android phone.

    The malware uses two tactics to steal ad revenue – displaying fraudulent ads and stealing referrer IDs of apps installed from Google Play.

    Now how do you go about getting this malware on your device? You download and install 3rd party apps NOT from the Google Play store. If you have not done that, then there is likely no reason for concern. So don't do that! And you know you should not anyway.

    There's no evidence that CopyCat was distributed on Google Play, Google’s official app store.


    And it seems as if this has already been handled by Google as well, although not a lot of information is giving on this. If anyone can find a reliable way to verify if you have this on your device, please pass that along as I cannot find any reliable information on how you might go about that.

    Check Point researchers identified a mobile malware that infected 14 million Android devices, rooting approximately 8 million of them, and earning the hackers behind the campaign approximately $1.5 million in fake ad revenues in two months.
     
    rive22 likes this.
  2. HorseproofBacon

    HorseproofBacon Limp Gawd

    Messages:
    295
    Joined:
    Nov 22, 2016
    So...it's adware that doesn't hurt the host but instead hurts a 3rd party advertiser?

    That's a new twist.
     
  3. ymer

    ymer Limp Gawd

    Messages:
    471
    Joined:
    Jun 29, 2004
    Not the 3rd party advertiser, more like the people that profit from ads on their apps are getting pwnd.
     
  4. Gigus Fire

    Gigus Fire 2[H]4U

    Messages:
    2,275
    Joined:
    Oct 14, 2004
    why should i care about people who profit on ads?
    Both this malware and those ad apps can go die in a ditch for all i care.
     
    midnightfrolic likes this.
  5. frankmansal

    frankmansal Limp Gawd

    Messages:
    130
    Joined:
    Aug 3, 2013
    I agree with hyper.
     
  6. Evil

    Evil Gawd

    Messages:
    946
    Joined:
    Jun 2, 2006
    250k infections in the U.S. on about 100 million user Android devices. So... I shouldn't worry about this at all.
     
  7. FrgMstr

    FrgMstr Just Plain Mean Staff Member

    Messages:
    48,510
    Joined:
    May 18, 1997
    So if there is no money to create content, what are you going to look at?
     
    GoldenTiger and Ultima99 like this.
  8. FrgMstr

    FrgMstr Just Plain Mean Staff Member

    Messages:
    48,510
    Joined:
    May 18, 1997
    You do not. But when there is no content there for you for free, remember that is what you wanted.
     
    GoldenTiger likes this.
  9. grtitan

    grtitan Telemetry is Spying on ME!

    Messages:
    1,266
    Joined:
    Mar 18, 2011
    That model is the only way for some people to get access to some apps, since very few people are willing to pay for apps.

    I personally download the free one first and if i like it enough, I buy it.
     
  10. FrgMstr

    FrgMstr Just Plain Mean Staff Member

    Messages:
    48,510
    Joined:
    May 18, 1997
    How would you know ad versions are that bad if you never see them?
     
    GoldenTiger likes this.
  11. FrgMstr

    FrgMstr Just Plain Mean Staff Member

    Messages:
    48,510
    Joined:
    May 18, 1997
    Guess I just made it up in my head that you ad blocked.
     
    GoldenTiger likes this.
  12. Spidey329

    Spidey329 [H]ardForum Junkie

    Messages:
    8,676
    Joined:
    Dec 15, 2003
    It's pretty ingenious. The less intrusive it is to the host, the more likely it could go unnoticed. The malware that mines bitcoins or steals day / passwords is instrusive. This? Not so much.
     
  13. AaronGant

    AaronGant Limp Gawd

    Messages:
    378
    Joined:
    Feb 21, 2010
    I'll give that guy some ad revenue to root my phone. Seems fair.
     
  14. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    I think you missed part of what Kyle was trying to bash you over the head with and you didn't gather. YOU ARE ON A FUCKING SITE THAT USES ADS TO MAKE MONEY.

    Do you understand that point? Does the idea of that make its way into your head and connect parts of your brain that form intelligent thoughts?

    Generalizing for a moment. You guys all want to bitch about sites having ads, however on the flip side you want to bitch that things like youtube red exist to allow you to pay for content if you want to, want to bitch about twitch allowing you to subscribe, you want to bitch when sites charge you money to view their content. Money has to come from somewhere. Either you "pay" with ads for a app or site, or you pay with actual money to subscribe to every site you want to see content from. Kyle has already found out that trying to charge for access to this site didn't work, and trying to do it with ads along doesn't work. He is busting his ass trying to keep a site alive and knows the struggle that content creators of any type online face. So when you try to say who cares who gets the money, just stop to think about people like Kyle (and the rest of the HardOCP crew) that create sites / content that you enjoy and try to make a living from trying to do that if they aren't making a single cent from you. Unless you are trying to tell Kyle to go fuck himself and that you hope this this site goes under dragging him personally into such deep financial hole that he is never able to get out of it. Do you understand why your comment makes little fucking sense here?
     
    GoldenTiger and Chuklr like this.
  15. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    Wait there is malware that steals days? Holy shit, I think I am infected with that. Some times it seems like the week just goes by too fast and that I skipped a day or two somewhere, now I know why. It all makes so much sense now.
     
  16. Gigus Fire

    Gigus Fire 2[H]4U

    Messages:
    2,275
    Joined:
    Oct 14, 2004
    Lol. I'm only bitching about ads. If sites that depended on ads disappeared, no loss.
     
  17. Skillz

    Skillz [H]ard DCOTY 2017

    Messages:
    22,044
    Joined:
    Aug 14, 2004
    You do realize this site depends on ads, right?
     
  18. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    The post of mine he is replying to is fully typed out in English right? I want somebody else verify that I really did type that way and that is readable by English speaking people.
     
    GoldenTiger likes this.
  19. Skillz

    Skillz [H]ard DCOTY 2017

    Messages:
    22,044
    Joined:
    Aug 14, 2004
    Yes, but I wanted to simplify it for him. Seems reading isn't his strong suit.
     
  20. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    Maybe he can read ok but not comprehend what he is reading.
     
  21. Gigus Fire

    Gigus Fire 2[H]4U

    Messages:
    2,275
    Joined:
    Oct 14, 2004
    lol. I simply don't care. Any business model that leeches off my resources doesn't deserve to exist
     
  22. GoldenTiger

    GoldenTiger [H]ard as it Gets

    Messages:
    18,951
    Joined:
    Dec 2, 2004
    Yet, you're fine with it the other way around... You're leeching them instead. Aren't you a bottle of sunshine?
     
  23. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    So everything? Your PC and all other things in your hour leach off your power.
     
  24. Gigus Fire

    Gigus Fire 2[H]4U

    Messages:
    2,275
    Joined:
    Oct 14, 2004
    This is a forum. Without the users it's nothing. WTF are you even on?
    Whut?
     
  25. GoldenTiger

    GoldenTiger [H]ard as it Gets

    Messages:
    18,951
    Joined:
    Dec 2, 2004
    It is HardOCP, are you kidding me?
     
  26. Travolta

    Travolta Gawd

    Messages:
    656
    Joined:
    Sep 19, 2004
    Uh oh, I'm just going to go wait outside before Kyle comes back.
     
  27. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    This is a news and hardware review site with a forum. They have created content that cost and a cost of doing business in general. It isn't free to run the site.

    Your comment is anything the leeches off your resources doesn't deserve to exist. You are referring to the fact that something is eating up either your cpu cycles, power or data and thus is taking away something from you. A computer does not contain its own renewable self contained power source. Instead you were sold a device that by design of its makers requires it to make use of resources that you have (power) in order to operate. The same is true for your tv, and everything else in your house. They were all designed with a business model that requires them to operate using your resources. Anything that is subscription based is based around the resource of your money and require you to supply them in more money in order to use said service. Anything that is web based uses your data resource, cpu resource and gpu resource. Games uses all these resources.
     
    GoldenTiger likes this.
  28. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,662
    Joined:
    Dec 13, 2005
    To get this thread back on its original topic. One thing that is "funny" about this attack that it shows just how much different countries use 3rd party stores vs Google Play since that is where this infection comes from. So not really surprised that Asia and that area was the ones that got hit the hardest.
     
    Uvaman2 likes this.
  29. Gigus Fire

    Gigus Fire 2[H]4U

    Messages:
    2,275
    Joined:
    Oct 14, 2004
    As i said before, if they can make money out of it, all the power to them. What i also said before is that ads cost me money and it's not something i want, unlike the content and games and everything else i do on my computer. Thus i filter them out. I don't really see the problem here. There's no social agreement to accept ads, it's not a morally superior stance nor does it make sense logically to allow it.
    And like i said before, if it's a big problem, people can add ad block detection scripts and prevent filtering like some big sites do (forbes for example). And if they did that i would just find another place.