Android malware leads to 1 million Google account breaches

Android malware leads to 1 million Google account breaches
A new variant of Android malware has resulted in over 1 million Google account breaches, according to a security firm.

Check Point discovered the new variant of the 'Gooligan' malware recently, and has exposed the damage done to victims. It roots Android devices and steals e-mail addresses and authentication tokens, allowing attackers to access Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.



Many breached accounts are associated with enterprises around the world, according to Check Point's data.

The Gooligan variant is infecting an estimated over 13,000 new devices every day, most of which are in Asia. It is delivered through infected apps when they are installed on an Android device, and also by malicious links that unsuspecting victims open.

Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represents about 74% of Android devices in use.

In addition to stealing e-mail addresses and authentication tokens, it also fraudulently downloads and rates apps from Google Play to the victim's devices. Check Point estimates that around 30,000 apps are fraudulently installed on devices every day by the malware.

If you suspect you might be a victim, you can use Check Point's free online tool to check your e-mail address against known breached accounts.

Google has been informed of the malicious software and already has taken action to protect vulnerable users, including revoking authentication tokens.

Source: Check Point

Written by: James Delahunty @ 30 Nov 2016 13:44
Tags
malware Android
Advertisement - News comments available below the ad
  • 3 comments
  • hearme0

    Yet another issue that supports my claim FOR YEARS that Android is a piece of crap, HIGHLY INSECURE OS. Gov't that use it have special configurations for this.


    Additionally, Android OS is constantly self-obsoleting and always updating and changing its platform.

    This nonsense is tantamount to when websites change their layout and one must search and search for the links they always use........just to have it change again in 9 months to a year. CONSTANT RE-ADAPTATION!

    NONSENSE!

    1.12.2016 11:00 #1

  • fb2075

    Originally posted by hearme0: Yet another issue that supports my claim FOR YEARS that Android is a piece of crap, HIGHLY INSECURE OS. Gov't that use it have special configurations for this.


    Additionally, Android OS is constantly self-obsoleting and always updating and changing its platform.

    This nonsense is tantamount to when websites change their layout and one must search and search for the links they always use........just to have it change again in 9 months to a year. CONSTANT RE-ADAPTATION!

    NONSENSE!
    That's what I love about Apple. Their OS has always looked and worked exactly the same. They've had 7 different OS's since I got an iMac back in 2008 and 99% of everything is exactly the same now as it was then.

    5.12.2016 16:21 #2

  • KillerBug

    Android can run 3rd party apps...is that really a bad thing just because some people are really dumb? Maybe they shouldn't have that ability...or the ability to vote...or to pick their jobs. Of course no one would seriously advocate most of that.

    7.12.2016 12:18 #3

© 2024 AfterDawn Oy

Hosted by
Powered by UpCloud