One million Google accounts breached by Gooligan, new Android malware variant

  • Thread starter Thread starter rahul1117kumar
  • Start date Start date
  • Replies Replies: Replies 1
  • Views Views: Views 582
Joined
21 Jun 2013
Messages
10,365
Reaction score
11,058
Security researchers revealed today that a new variant of Android malware, Gooligan, has breached the security of more than one million Google accounts.

The new malware campaign named 'Gooligan' roots Android devices and steals email addresses and authentication tokens stored on them. With this information, attackers can access users’ sensitive data from Gmail , Google Photos, Google Docs , Google Play, Google Drive, and G Suite.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks," said Michael Shaulov, head of mobile products of Software Technologies Ltd , an Israel-based software security firm.

The report released by Check Point stated that the malware infects 13,000 devices each day and is the first to root over a million devices. Hundreds of the email addresses associated with enterprise accounts worldwide were victims of the malware.

Check Point, in a press release, stated that it reached out to the Google security team immediately with information on this campaign. Subsequently, Google had contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

"We appreciate Check Point's partnership as we’ve worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall," stated Adrian Ludwig, Google’s director of Android security.

The report stated that the malware infects 13,000 devices each day and is the first to root over a million devices. Hundreds of the email addresses associated with enterprise accounts worldwide were victims of the malware.

"We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," said Shaulov.

Check Point’s Mobile Research Team first encountered Gooligan’s code in the malicious SnapPea app last year. In August 2016, the malware reappeared with a new variant and has since infected at least 13,000 devices per day. About 40% of these devices are located in Asia and about 12% are in Europe.

Hundreds of the exposed email addresses are associated with enterprises around the world. The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point Software Technologies Ltd. is one of the largest cyber security vendors globally, providing industry-leading solutions and protecting customers from cyber attacks.

Google: One million Google accounts breached by Gooligan, new Android malware variant - ET Telecom
 
Back
Top Bottom