1 million Google accounts exposed by Android malware ‘Gooligan’

emAFP Photo/em
AFP Photo

According to researchers from Check Point Software Technologies, an Android malware has compromised over one million Google accounts.

The researches uncovered that the Android-based malware, dubbed 'Gooligan', was in at least 86 apps offered in third-party marketplaces.

The malware can gain highly-privileged system access of Google's Android operating systems (including Ice Cream Sandwich, Jelly Bean, KitKat and Lollipop) by rooting the devices as soon as it is installed.

74 percent of users are using vulnerable versions.

After the rooting process, software stealing authentication tokens are automatically downloaded and installed.

With the authentication tokens, Google-related accounts may be accessed without having to enter a password. These services include Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.

The malware can also install apps from Google Play and even rate them without you noticing in order to raise their reputation.

According to Check Point, other Android security engineers and Google officials stated that there is no evidence that the malware has accessed data from compromised accounts or has targeted individual users.

Gooligan, an aggressive variant of Ghost Push, first showed up in in September 2015.

Reports suggest that around 57 percent of devices infected by Gooligan are located in Asia, around 19 percent in the Americas, 15 percent in Africa, and about9 percent are in Europe.

Share on Facebook Share on Twitter