App-installing Malware, ‘Gooligan’, Found in over One Million Android Phones

By Hyvie Lewis, Posted: 12/01/16 07:00PM EST
Mechanized Android Figure
Hacked Android figure. It is triggered by sound, moves it's head and sends out Morse Code.(Photo : tanabata42/YouTube)

Android users, you might check your smartphone now.

Android devices have been facing massive malware attack in past few years as it many security flaws, and look like these vulnerabilities are bound to continue for some time now.

A security research team, Check Point Software Technologies recently reveals a new malware attack campaign called "Gooligan" that has reached over 1 million accounts as of today, according to a report by The Verge.

It is said that the devices vulnerable to the said malware attack are those operated by Android versions 4 and 5, Kit Kat and Lollipop. The malware spreads through third-party app stores disguising as authentic apps. Once the apps were installed, it will root the device to access to your system.

The infected devices will automatically download and install another app that steals authentication tokens and access Google account of the owner's device without entering the password. These tokens are allowed to access several Google products such as Gmail, Google Photos, Google Docs, Google Play, Google Drive and G Suite.

Gooligan is basically targeting the authentication token of each device. Once the token is acquired by the hacker, they will use it to access all your Google services. You might worry about your files and personal e-mails, but the report says that hackers did not access any data. Instead, the malware developers are using it increase their Google Play app rankings.

But how does it work? The malware will install authentic apps from the Google Play Store, giving each app with five-star marks and a good comment. With over a million devices affected, the result is a huge boost in the Play Store rankings.

Gooligan is probably the first to root over one million devices, and continuing to infect 13,000 devices per day. The victim is usually linked to enterprises and 57 percent of the infected devices are in Asia, where third-party apps store is widely used.

Although Google reports no personal data is accessed, prevention is really better than cure. To preclude the spread of the malware, it is also highly recommended to stop downloading Android apps from third-party stores, apart from the official Google store. 



© 2016 iSports Times All rights reserved. Do not reproduce without permission.

JOIN A CONVERSATION

New England Patriots Trading Jimmy Garoppolo to Cleveland Browns After RG3 Injury?

Jimmy Garoppolo performed well for the New England Patriots in Week 1, but his time as a starter mig... more

Denver Broncos WR Demaryius Thomas Returning Against Indianapolis Colts

The Denver Broncos may be getting a big shot in the arm if reports are true that wide receiver Demar... more

NFL Rumors: Cleveland Browns Signing Geno Smith To Replace Robert Griffin III

The Cleveland Browns find themselves in a very precarious position following the untimely injury to ... more

MLB Trade Rumors: Ryan Braun To LA Dodgers for Yasiel Puig

Imminent Blockbuster Trade seems to be a done deal for Dodgers' Yasiel Puig and Brewers' Ryan Braun more

MLB Standings & Playoff Race: Why the Chicago Cubs Should Fear the LA Dodgers

The return of Dodgers' pitcher Clayton Kershaw should put a scare on the Chicago Cubs' magical seaso... more

Cleveland Cavaliers Get DeMarcus Cousins For Kevin Love, Is It A Fair Deal?

The Cleveland Cavaliers don’t need much to improve for the coming season meaning Kevin Love trade ru... more

Miami Heat Should Trade Chris Bosh, Build Around Hassan Whiteside

The likelihood of Miami Heat big man Chris Bosh of leaving the team is getting bigger, as possible t... more

WWE No Mercy 2016 Latest News: AJ Styles vs. John Cena Revived, Dean Ambrose the Odd Man Out?

AJ Styles will put the WWE heavyweight title on the line at No Mercy in a Triple Threat match which ... more

Real Time Analytics