“Gooligan” Malware Hacks 1 Million Google Accounts, Here’s How To Check If You’re Affected

“Gooligan” Malware Hacks 1 Million Google Accounts, Here’s How To Check If You’re Affected


gooligan-malware
Short Bytes: A new Android malware, named Gooligan, is here to compromise your Google accounts. It steals the account authorization keys and installs malicious adware on devices. With a 1 million infected devices, Gooligan continues to infect 13,000 new devices each day. Check Point has released an online tool to check if your Google account has been compromised by this dangerous malware.
Reputed security firm Check Point has found a new malware in the wild that’s being exploited to hack the user accounts of Google users. This attack has been named Gooligan and it has already breached the security of more than 1 million Google accounts.
The researchers have published a blog post detailing how Gooligan malware roots the infected devices and steals authorization tokens. As a result, the attacker can access a user’s various Google accounts like Gmail, Play, Photos, Docs, Drive, etc.

How does Gooligan compromise Google accounts?gooligan-malware-working-1

Gooligan is chiefly spreading through infected Android applications. Once it finds its place on an Android device, the malware sends data about the device to its Command and Control (C&C) server. It’s followed by the downloading of a rootkit from C&C server. The payload roots the device and the attacker gets unrestricted remote code execution access to the device
After rooting, Gooligan downloads a new module that injects code into Google Play or Google Mobile Services to impersonate the user behavior. Ultimately, this module steals Google account authentication and token information. Gooligan also installs apps from Play Store and rates them to improve their ranking. Another notorious activity performed by Gooligan is the installation of adware to generate revenue.
INFECTED VERSIONS ARE ANDROID JELLY BEAN, KITKAT, AND LOLLIPOP
This way, malware continues to infect 13,000 new devices each day.
The potentially infected Android versions are Android Jelly Bean, KitKat, and Lollipop — a group that accounts for about 75% devices in the market. Out of these, 57% devices are located in Asia and 9% are in Europe.

How to check if Gooligan has compromised your Google account?

Check Point has released an online tool that lets you check if your Android smartphone has been infected. Simply visit https://gooligan.checkpoint.com/ and enter your email account to perform the security test.
Just in case your device has been breached, you should perform a clean installation of your mobile OS or ‘re-flash’ it. Also, it goes without saying that one should change the Google account passwords immediately.
Check Point has informed Google Security team regarding this malware campaign and they’re working to investigate the issue.
Did you find this article on Gooligan malware helpful? Share your feedback in the comments below.

Comments

Post a Comment

Popular posts from this blog

Learn Programming For Free | Best Learning Resources

Image
Learn Programming For Free | Best Learning Resources Short Bytes:  Many universities have free educational offerings in a variety of disciplines. This can make it exceedingly easy to obtain a slightly more formal education in many fields than simply reading odds and ends online. Here are some universities and their websites where you can take full advantage of their generosity. T here are always some inherent difficulties to studying without the benefit of a mentor or formal teacher. It often boils down to the fact that you don’t know what you don’t know. That is to say, you are unaware of the materials that you should learn in order to progress in your study. Many websites to aim to help with this, but without a curriculum, it can be fairly difficult to make your way from point  A  to point  B , and even with a curriculum to follow, you still might have to hunt down some good examples and tutorials on the different components of that curriculum. Not very many people are aware
Read more

How To Enable/Disable Secure Boot In Windows 8, 8.1, And 10?

Image
How To Enable/Disable Secure Boot In Windows 8, 8.1, And 10? Short Bytes:  Windows 8 and later versions of Windows come with UEFI Firmware settings which allow a user to disable any external intervention via USB, external drive etc. This is called Secure Boot option in Windows 8 operating system. Disabling the secure boot option in the Windows 8, or later, can help you interfere externally with your Windows and install operating systems other than Windows. S ometimes, we want  two operating systems to run on our PCs- -Windows and Ubuntu, or Windows and Fedora. If the secure boot option is enabled on your computer, it might not allow booting two operating systems. So, you need to disable secure boot on your personal computer in order to do some external intervention in Windows. Secure Boot option is integrated with BIOS of your PC. So, in short, you need to restart your PC in the BIOS mode and change the secure boot option there. Here’s how to do it– What is the sec
Read more

How to Keep Your WhatsApp Data Safe With Google Drive and Encryption

Image
How to Keep Your WhatsApp Data Safe With Google Drive and Encryption Short Bytes:  To keep your WhatsApp data safe and encrypted,   WhatsApp has partnered with Google Drive. Take a look to know how to enable this lifesaver feature. L osing all the precious WhatsApp pictures and videos is something that a good friend of mine faced recently. There are some simple ways to  recover data from your external SD-card , but getting the same from your smartphone’s internal memory is a tough job. Now, WhatsApp has brought a lifesaver functionality in its instant messaging app by joining hands with Google to keep your WhatsApp data safe. Now, losing your WhatsApp pictures, chats, videos and videos are a thing of past due to the newly-introduced integration of Google Drive with WhatsApp. On its blog, Google announced a new partnership, that will let you create a private Google Drive backup of your chat history, voice messages, photos, and videos for the Android WhatsApp app. As
Read more