Header Ads

More then One Million Android Users Hacked - You too may be the one among them.

CheckPoint Security firm discovered a new Android malware named Gooligan.
 It has already compromised more than a million Google Accounts.
Another malware called "Gooligan", is endangering Android users.
The Gooligan Android malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them.

Must read: Is your phone hacked

The compressed information is used by criminals to hack victims’ Google account and access sensitive data from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.

“Gooligan broke the security of over one million Google accounts. The number continues to increase by an addition of about 13,000 breached devices each day,” reported CheckPoint.

“Our research exposes how the malware roots infected devices and steal authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.”

Experts from the security firm CheckPoint have discovered dozens of legitimate-looking Android apps containing the Gooligan malware. These mobile apps were available for the download on third-party stores, but experts also highlighted that the malware could be downloaded users directly by tapping malicious links embedded in malicious messages.

Google shared the statement about the issue & also stated that they are taking numerous steps including proactively notifying affected accounts, revoking affected tokens and deploying SafetyNet improvements to protect users from these apps in the future.

In the following sections, we provide more answers regarding the campaign.

Who is affected?

Gooligan probably affects devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which is over 74% of in-market today. About 57% of these devices are located in Asia and about 9% are in Europe.

"The infection activates once the user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages," the company said in a statement.

Powered by Blogger.