1 Million Google Accounts Exposed by Gooligan

Dora Szabo

A new piece of Android malware called Gooligan has surfaced recently, reportedly infecting 13,000 devices each day and putting more than 1 million Google accounts at risk.

If your device runs Android 4 (Jelly Bean, KitKat) or 5 (Lollipop), we recommend you check whether it has been infected.

The malware spreads through downloaded third-party apps. Once the application is on your device, it gathers your sensitive data and gains root access, which means the software can take full control of your device.

With people keeping more and more personal data on their smartphones, this could have far-reaching implications. As well as Gmail, the malware can access your Google Photos, Google Docs, Google Play and other services, meaning plenty of sensitive information will be at risk.

How does Gooligan infect your device?

The below infographic illustrates exactly how Gooligan works:

[Infographic: Gooligan Campaign]

Source: http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/

How can you find out if your device is infected?

Check Point Software Technologies, a worldwide leader in internet security, has created an online tool to check whether your data is at risk. Enter your email address and the application will tell you straight away whether or not your account was breached.

What to do if your information was stolen?

This is what Shaulov, Check Point’s head of mobile products, said about the next steps you should take if you are affected:

“If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider.”

Google responded quickly to this crisis. Director of Android security Adrian Ludwig made the following announcement:

“We’ve taken many actions to protect our users and improve the security of the Android ecosystem overall. These include: revoking affected users’ Google Account tokens, providing them with clear instructions to sign back in securely, removing apps related to this issue from affected devices, deploying enduring Verify Apps improvements to protect users from these apps in the future and collaborating with ISPs to eliminate this malware altogether.”

To help protect yourself against malware like this, do not click on suspicious links in messages, never download unknown apps from third-party marketplaces, and change your Google account password regularly.