Android malware campaign exposes one million Google accounts

New Android malware breaches over a million Google accounts

"We're appreciative of both Check Point's research and their partnership as we've worked together to understand these issues", Google's director of Android security Adrian Ludwig told the researchers.

Vulnerable to the malware are users running Android operating systems Jelly Bean, KitKat and Lollipop - about three-quarters of all users, according to Check Point. Regarding this detail, he also said that the tech giant has been using Verify Apps, which is a service that scans individual handsets for any form of signs of the Android malware or other Ghost Push apps, sending the deviceĀ“s owner a warning when is detected. Since then it has wormed its way onto 1 million Android devices, now infecting around 13,000 devices every day.

Gooligan's main attack vector is through Android-based smartphones, attacking users that have downloaded infected apps. The best way to keep your Android device safe is to not download apps from third-party marketplaces and also do not click on links in messages if you are not sure where they are from.

Check Point reached out to the Google security team immediately with information on this campaign. These exploits still plague many devices today because security patches that fix them may not be available for some versions of Android, or the patches were never installed by the user. In August 2016, the malware reappeared with a new variant and has since infected at least 13,000 devices per day. Almost 60 percent of infected devices are in Asia, while about 20 percent are in the Americas.

Qamar Bajwa is new Pak Army Chief
His earlier picks were Gen Asif Nawaz Janjua (1991), Gen Waheed Kakar (1993), Gen Musharraf (1998) and Gen Raheel Sharif (2013). General Sharif has said that he is "ready to serve Pakistan" even after his retirement through helping military veterans.

The problem persists. Another 13,000 devices are getting infected and breached daily, according to Check Point researchers who have been tracking this type of cyberattack since past year. These operating systems now represent 74 percent of all Android devices on the market.

Gooligan also can install infected apps to submit fake reviews and higher ratings to promote further downloads.

If you're anxious your account may be compromised, Check Point has a handy tool that lets you check. It is recommended that users have to check their devices if they noticed an unusual pop-ups on their phone lately should check about their accounts through https://gooligan.checkpoint.com/.

This token allows the malware to take actions in the name of the user, even if Gooligan doesn't know the user's password. Once it finds its way into handsets via malicious mobile apps, Ghost Push/Gooligan performs all kinds of annoying tasks, including sending users pop-ups ads and trying to install yet more apps, including some from the Google Play app store, on their handsets. A little known power that Google wields is the ability to remove or install applications on users' devices, regardless of whether it's a Google Nexus or Pixel phone or an Android phone made by some other manufacturer.

Related:

Comments


Other news