Malware takes over one million Google accounts: report

Malware takes over one million Google accounts: report

How to tell if your account has been infected by Gooligan, the malware variant identified by security vendor Check Point.

A new malware variant discovered by Check Point Software Technologies and dubbed Gooligan has spread at the rate of 13,000 devices a day and has become the first to root more than a million devices.

In this context, 'root' means to gain access to all functions of the operating system. Normally, certain aspects of a phone or tablet are shielded, partly for commercial reasons (for example, to prevent the removal of bundled applications) but also to prevent apps from doing things they shouldn't. So a malicious app may start by rooting a device so it can get up to no good.

And that's what Gooligan does, at least on device running Android 4 (Jelly Bean, KitKat) or 5 (Lollipop).

If an app infested with Gooligan is installed, or if a user clicks on a link delivered by a phishing attack text message, the malware roots the device and steals email addresses and authentication tokens, which can be used to access the user's Google account (think Gmail, Google Photos, Google Drive, and so on).

It then installs apps from Google Play and rates them (presumably to make them seem more attractive to other people) without the user's involvement. More than 2 million apps have been installed this way.

Check Point has set up an online service to check whether particular email addresses are known to have been compromised by Gooligan.

A clean reinstallation of Android is required if a device has been infected by Gooligan, Check Point said, suggesting that the manufacturer or carrier be contacted for assistance. See this Check Point blog post for more information.

Source: Check Point Software Technologies

The current Gooligan variant was discovered in August and immediately reported to Google, which responded by contacting users known to have been infected, revoking their authentication tokens, removing apps from Google Play, and stepping up the checks performed on apps before they are admitted to the store.

Source: Copyright © BIT (Business IT). All rights reserved.

See more about:  android  |  google  |  malware  |  security
 
 
Sign up for our free newsletter
Get the latest business tech news, reviews and guides delivered to your inbox.

Latest Comments

Latest articles on iTnewsLatest iTnews Articles
New malware worm spreads using leaked NSA exploits
23 May 2017
EternalRocks features seven spy tools.
Hackers hit Russian bank customers
22 May 2017
Had planned global raids before capture.
Telstra exchange fire downs services in Adelaide
22 May 2017
Spark in power supply system.
ACMA reshaping underway as govt weighs in
22 May 2017
Loses cyber security.
Windows 7 machines most impacted by WannaCrypt
22 May 2017
Ransomware worm crashes Windows XP.