Check Point security firm has revealed in its findings that a new malware strand named Gooligan has breached more than million Google accounts during the past several months.
Million Google Accounts Breached by Gooligan Malware. Just like other malware attacks on an Android-based device, Gooligan also starts when the end user either downloads an infested app from a third party app store or if a person clicks on a link in an SMS or email message that directs them to the malware source. The malware is installed by a phishing campaign.
Million Google Accounts Breached by Gooligan Malware
The minute Gooligan is put in, Check Point claims it sends out information on the infected device to a command and control server. After that it downloads rootkit software that can take information like email accounts and approval tokens that can be used to breach Google accounts. It injects a code into Google Play and downloads fraudulent apps.
Gooligan potentially affects devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which is more than 74% of in-market devices today. Almost 7% of these devices are in Asia and about 9% are in Europe.
Check Point has a list of the identified apps that have been infected by the Gooligan malware. It also states it has already sent the data it poised on this breach to Google.
Adrian Ludwig, Google’s director of Android security, reveals that,
“The company has taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”
For the time being, people can avoid their Android smartphone or tablet from being infected. They should stay away from any unsecure third-party app store. And they should not click on any random links from emails and messages from anonymous sources.