There is a new strain of malware that is infecting Android devices. The news was first released by Israeli security researchers at Check Point. The malware is rumored to have hacked over a million Google accounts. According to experts, the malware can be used to steal data from Google Drive, Gmail accounts and Google Photos.
Gooligan was first discovered in August 2016. It is estimated that more than 2 million Apps were installed on devices. Most infected devices are in Asia, almost 57%. North and South America a combined 19%, African continent 15 % and 9% is in Europe.
Adrian Ludwig, director of Android security however is not that sure about Check Point claims. According to him, the malware does not steal any personal data. Instead, the malware promotes themselves by installing on as many devices as possible through the Apps. Google is currently working with Check Point to tackle the malware completely.
Find out how Gooligan works
Gooligan gets installed on a device using a legitimate looking App that gets installed on a device. The malware then sends details about device details to a command and control center. The command center in return send out rootkits which are installed in these devices. Once the root level permission is obtained, the device can be used to execute commands, steal users google account and authentication token, install adware to generate income etc.
The profit for the malware developer is through money generated by selling google account details and money from referral ads using adware.
How to check if Gooligan breached your account
It is possible that your Google account is breached. Security researchers Check Point has launched a website to make the checking easier.
- Check the Check Point website link
- Enter your email address
- Tick ‘I am not a robot’
- Click Check
The result will be displayed as a pop up.