‘Gooligan’ malware hits more than 1M Google accounts

A malware campaign named Gooligan has affected more than 1 million Google accounts, with more than 13,000 Google accounts being breached each day, a security firm said. Google said it found no evidence the malicious software campaign accessed user data. File Photo by Asif Islam/Shutterstock

MOUNTAIN VIEW, Calif., Dec. 1 (UPI) — The Check Point security firm said more than 1 million Google accounts have been affected by a malicious software campaign called Gooligan.

The malware affects devices on the Android 4 and 5 mobile operating systems, which account for about 74 percent of in-market devices, Check Point said. About 57 percent of those phones are used in Asia, 19 percent in the Americas, 15 percent in Africa and 9 percent in Europe.

“The attack campaign, named Gooligan, breached the security of over 1 million Google accounts. The number continues to rise at an additional 13,000 breached devices each day,” Check Point said in a statement. “Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.”

Google said it found no evidence Gooligan accessed user data. Instead, the malware forces people to download applications as part of an advertising fraud scheme that generates up to $320,000 a month, Michael Shaulov, head of mobile and cloud security at Check Point, told Forbes.

“We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” Adrian Ludwig, Google’s director of Android security, said in a statement. “As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”

Check Point created a webpage in which people can check whether their account has been compromised.

“We believe that it is the largest Google account breach to date, and we are working with Google to continue the investigation. We encourage Android users to validate whether their accounts have been breached,” Check Point said.

LEAVE A REPLY

Please enter your comment!
Please enter your name here