"CopyCat malware infects 14M devices, shows 'unprecedented success rate' Check Point researchers have identified a new malware that they said infected some 14 million devices, rooting 8 million of them. The malware has generated $1.5 million for attackers... CopyCat targets Android devices and it makes money by stealing advertising revenues, the post said. The malware has infected devices around the world, but it has seen the biggest impact in Southeast Asia. Check Point called CopyCat a "fully developed malware" that is able to gain root access. The post noted that it then has the ability to inject code into Zygote, the app launching daemon in Android, in order to gain control over the victim's device..." http://www.techrepublic.com/article...14m-devices-shows-unprecedented-success-rate/
The origin of the biggest spread is no surprise. That age old vanity appeal is mighty and the admiration for things that dance and jingle is always worth a click. Thanks for bringing attention to Zygote. Another something to examine and test when those long winter days roll in again. I keep my androids off any browsers for now but that doesn't dismiss possibilities from apps right? That's why it's wise to audit every single one of them IMO. http://coltf.blogspot.com/p/android-os-processes-and-zygote.html
"...There’s been no evidence that any CopyCat malware was pushed through any app installed through Google Play..." https://www.slashgear.com/copycat-android-malware-enters-here-how-to-avoid-its-coils-07490911/