Leave a comment

1 million Google accounts hit by malware that can access 74 percent of all Android phones

1 million Google accounts hit by malware that can access 74 percent of all Android phones
photo courtesy of shutterstock

Cybercriminals are always coming up with new ways to rip us off. We're constantly warning you of the latest scams making the rounds. And as time goes on, hackers and scammers are getting trickier and more sinister.

We recently told you about fake apps designed to trick you into giving the scammer personal information or credit card numbers. Now you need to be worried about a fast spreading version of malware. It's so rampant that 1 million Google accounts have already been compromised.

What happened?

Malicious software that is masked as a genuine app for Android gadgets has been discovered by researchers at Check Point. Malware known as Gooligan has been infecting nearly 13,000 Android gadgets every single day since August. It has gained control of over a million Google accounts since that time.

So far there have been 86 of the malicious apps found in third-party marketplaces. A few of those apps are named Perfect Cleaner, StopWatch, and Wi-Fi Enhancer.

If one of these malicious apps is installed on your gadget, it begins the rooting process. Having root access of your gadget means the scammers can do whatever they want on it. Hackers can use the access to spy on you using the camera and microphone, read texts and emails, install other viruses or anything else they want.

Stay with us on this...

Once Gooligan has root access to the infected gadget, it downloads a malicious module from the Command and Control (C&C) server and installs it. Code is then injected into running Google Play or Google Mobile Services to copy user behavior to avoid being detected.

The module lets Gooligan steal a user's Gmail account and authenticate token information. It can also install apps from Google Play and give them positive ratings to boost their reputation. It also installs adware to bring in revenue.

Who is affected?

Anyone who has an Android gadget that is running an older version of its operating system is at risk. These include Android 4 and 5, which are known as Android Jelly Bean, KitKat, and Lollipop. Nearly 75 percent of all Android users are running these operating systems.

The reason these older operating systems are at risk is because security patches designed to fix certain flaws are not available to them or the user never installed them.

You're also at risk if you download apps from third-party market places. It's a good idea to stay away from these and only get apps from trusted sources like the Google Play store. Even then, use caution!

The Gooligan malware can also infect your gadget if you click on malicious links sent through a phishing attack. Be especially careful!

What you need to know

With Gooligan, infected gadgets download and install software that heists tokens used to authenticate the owner's phone. These tokens give them access to Google related accounts without needing to enter a password. These accounts include Gmail, Google Play, Google Docs, Google Drive, Google Photos and G Suite.

You can find out if your gadget has been infected.

An online tool has been created by Check Point that will let you know if your gadget has been infected. Click here to access the Gooligan Checker tool. Once there, just type your Google address into the Gooligan Checker and it will tell you if you've been hacked.

One of the best ways to avoid Gooligan is to stay away from third-party app markets. However, since it is also being spread through phishing attacks you need to know how to avoid falling victim to them. Here are some things you can do:

  • Be cautious with links - If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
  • Do an online search - If you get a notification about something that seems fishy, you should do an online search on the topic. If it's a scam, there are probably people online complaining about it and you can find more information.
  • Watch for typos - Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos.
  • Use multi-level authentication - When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
  • Have strong security software - Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.


More news stories you can't miss:

5 Google Flights secrets you never knew

Public Wi-Fi is more dangerous than you think

Scientists can now predict if you're going to die within five years

Next Story
Source: Arstechnica
View Comments ()
Facebook Messenger adds 17 classic games you'll love
Previous Happening Now

Facebook Messenger adds 17 classic games you'll love

Netflix finally offers the feature you've been waiting for!
Next Happening Now

Netflix finally offers the feature you've been waiting for!