App-installing Malware, ‘Gooligan’, Found in over One Million Android Phones
Android users, you might check your smartphone now.
Android devices have been facing massive malware attack in past few years as it many security flaws, and look like these vulnerabilities are bound to continue for some time now.
A security research team, Check Point Software Technologies recently reveals a new malware attack campaign called "Gooligan" that has reached over 1 million accounts as of today, according to a report by The Verge.
It is said that the devices vulnerable to the said malware attack are those operated by Android versions 4 and 5, Kit Kat and Lollipop. The malware spreads through third-party app stores disguising as authentic apps. Once the apps were installed, it will root the device to access to your system.
The infected devices will automatically download and install another app that steals authentication tokens and access Google account of the owner's device without entering the password. These tokens are allowed to access several Google products such as Gmail, Google Photos, Google Docs, Google Play, Google Drive and G Suite.
Gooligan is basically targeting the authentication token of each device. Once the token is acquired by the hacker, they will use it to access all your Google services. You might worry about your files and personal e-mails, but the report says that hackers did not access any data. Instead, the malware developers are using it increase their Google Play app rankings.
But how does it work? The malware will install authentic apps from the Google Play Store, giving each app with five-star marks and a good comment. With over a million devices affected, the result is a huge boost in the Play Store rankings.
Gooligan is probably the first to root over one million devices, and continuing to infect 13,000 devices per day. The victim is usually linked to enterprises and 57 percent of the infected devices are in Asia, where third-party apps store is widely used.
Although Google reports no personal data is accessed, prevention is really better than cure. To preclude the spread of the malware, it is also highly recommended to stop downloading Android apps from third-party stores, apart from the official Google store.
© 2016 iSports Times All rights reserved. Do not reproduce without permission.