The researchers at security firm Check Point have identified a new strain of malware, dubbed CopyCat. The adware has infected 14 million Android devices around the world and allowed its authors to successfully root (gain admin privileges) over half of them.

After rooting the device, the malware targets and exploits the Zygote, an Android OS core process that launches apps. Once it has control of the Zygote, the malware can displays fraudulent ads and steals the app installation credits

The experts have estimated that – in less than two months time – the adware helped earn the attackers approximately 1.5 million USD, primarily through ad fraud. The majority of the profit came from nearly 5 million fake installations on infected devices, which displays up to 100 million ads.

The Check Point team believe that the CopyCat was distributed through third-party app downloads and phishing attacks. Furthermore, the experts claim that the malware can infect only Android devices, running on the 5.0 and earlier versions of the OS. Unfortunately, the extent of the exploit distinctly indicates that millions of Android users still rely on outdated, unsupported, and unsafe versions of the operating system.