New variant of Android malware breaches security of 1 mn Google accounts
01 Dec 2016
A new variant of an Android malware called "Gooligan" is said to have breached the security of over 1 million Google accounts.
Security firm Check Point Software Technologies said the malware could root Android devices and steal email addresses and authentication tokens stored on them, which could give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.
"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks, PTI reported. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products, Michael Shaulov said.
According to Check Point's report, the malware campaign infected 13,000 devices each day and that Gooligan targeted devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represented nearly 74 per cent of Android devices in use today. About 40 per cent of these devices were located in Asia while 12 per cent were located in Europe.
After they gain control over the device, attackers generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, according to the report.
"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.
According to Check Point researchers, they had stumbled upon this family of Android-based malware in at least 86 apps available in third-party marketplaces.
The malware had been affecting Android devices since August this year and the number continued to increase with an additional 13,000 breaches estimated each day.
The researchers had already made Google aware of the malware and Google's director of Android security Adrian Ludwig responded saying, "We're appreciative of both Check Point's research and their partnership as we've worked together to understand these issues, www.ibtimes.co.uk reported.