“Gooligan” Android Malware Steals Authentication Tokens to Compromise More Than 1 Million Google User Accounts
Researchers from Check Point Software Technologies shared details on Wednesday of new Android malware that has compromised more than a million Google Accounts.
Dubbed Gooligan by the security firm, the malware targets devices running Android 4 and 5, which represent nearly 74 percent of Android devices currently in use.
According to Check Point, the mobile malware can steal authentication tokens stored on devices which can be used to access sensitive data from Gmail, Google Photos, Google Docs and other services, including G Suite.
Check Point’s research team originally discovered Gooligan’s code in a malicious app called SnapPea last year. They discovered a new variant in August 2016 which they say is infecting 13,000 Android devices per day, with approximately 57 percent of infected devices located in Asia and about nine percent in Europe.
“The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages,” Check Point explained in a blog post.
After gaining control over the Android device, the cybercriminals behind Gooligan make money by fraudulently installing apps from Google Play and rating them on behalf of the victim, Check Point said. Gooligan installs at least 30,000 apps daily on compromised devices, totaling more than 2 million apps since the campaign first kicked off.
“If your account has been breached, a clean installation of an operating system on your mobile device is required.”
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
We are a professional review site that has advertisement and can receive compensation from the companies whose products we review. We use affiliate links in the post so if you use them to buy products through those links we can get compensation at no additional cost to you.OkDecline
2 Comments
Tomi Engdahl says:
“Gooligan” Android Malware Steals Authentication Tokens to Hack User Accounts
http://www.securityweek.com/gooligan-android-malware-compromises-more-1-million-google-accounts
“Gooligan” Android Malware Steals Authentication Tokens to Compromise More Than 1 Million Google User Accounts
Researchers from Check Point Software Technologies shared details on Wednesday of new Android malware that has compromised more than a million Google Accounts.
Dubbed Gooligan by the security firm, the malware targets devices running Android 4 and 5, which represent nearly 74 percent of Android devices currently in use.
According to Check Point, the mobile malware can steal authentication tokens stored on devices which can be used to access sensitive data from Gmail, Google Photos, Google Docs and other services, including G Suite.
Check Point’s research team originally discovered Gooligan’s code in a malicious app called SnapPea last year. They discovered a new variant in August 2016 which they say is infecting 13,000 Android devices per day, with approximately 57 percent of infected devices located in Asia and about nine percent in Europe.
“The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages,” Check Point explained in a blog post.
After gaining control over the Android device, the cybercriminals behind Gooligan make money by fraudulently installing apps from Google Play and rating them on behalf of the victim, Check Point said. Gooligan installs at least 30,000 apps daily on compromised devices, totaling more than 2 million apps since the campaign first kicked off.
“If your account has been breached, a clean installation of an operating system on your mobile device is required.”
Check Point Press Releases
More Than 1 Million Google Accounts Breached by Gooligan, New Android Malware Variant
Check Point reveals a major Google security breach, caused by a new Android malware variant that infects over 13,000 devices every day
https://www.checkpoint.com/press/2016/1-million-google-accounts-breached-gooligan-new-android-malware-variant/
Tomi Engdahl says:
Founding A Company In Shenzhen For Eight Days
http://hackaday.com/2016/11/30/founding-a-company-in-shenzhen-for-eight-days/