‘Gooligan’ Android Malware Stole Millions of Google Accounts, SayResearchers
December 2, 2016
A malicious software, called Gooligan, designed to attack Android smartphones has breached the accounts of more than a million Google users, security researchers said Wednesday.
The report by Check Point Software Technologies said the Gooligan malware targets devices running Android 4.0 and 5.0, which represent nearly 74 percent of Android devices.
Gooligan attacks can steal email addresses and authentication data stored on the devices to access sensitive data from Gmail, Google Photos, Google Docs and other services, Check Point said.
“This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,” said Michael Shaulov, Check Point’s head of mobile products.
“We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.”
Check Point said researchers discovered Gooligan’s code in an application last year and that a new variant appeared in August 2016, affecting some 13,000 devices per day. About 57 percent of those devices are located in Asia and about nine percent are in Europe.
“The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages,” the company said in a statement.
Attackers, via Gooligan, can gain control over the device and generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim.
Check Point said it reported the details of the Gooligan malware to Google, and that the tech giant indicated it would take steps to protect users.
Google did not immediately respond to an AFP query.