“CopyCat” Adware Infects Zygote Android Core Process

“CopyCat” is a well-known Android adware family which has infected more than 14 million devices and routed more than 8 million in last one and half year. As per estimation, it has made around $1.5 for its developers. According to a security firm named as “CheckPoint”, it used five different exploits to root the android devices. The rooting exploits are namely CVE-2014-4321, CVE-2014-4324, CVE-2013-6282 (VROOT), CVE-2015-3636 (PingPongRoot), and CVE-2014-3153 (Towelroot). After rooting the android device, CopyCat can control the app launching operations by accessing the Android’s core OS processes. These exploits are functional for older Android version that is Android 5 or earlier and there is still a very large base for such devices. The Copycat malware circulated through third-party app stores or via Online forums. Most of the victims are in Southeast Asia however China was avoided, may be because its developers are located in Chine and they wanted Read more