Gooligan: The Android malware which has compromised over a million Google accounts

2 December, 2016 Security


Gooligan is a malware that hides within Android applications found mainly outside the Play Store, but it has recently been found that multiple apps available on the Play Store are also infected by it. The malware utilizes two vulnerabilities (Vroot and Towelroot) prevalent in pre-Marshmallow Android builds to root devices and gain access to email information, as well as authentication tokens, including those of your Google account. Gooligan then uses this unauthorized access to install applications from the Play Store itself. This of course, is done to increase the revenue associated with in-app ads. Additionally, the afflicted accounts are made to leave a 5-star review for the concerned app, without the user even being aware of what's going on.


If your device is running on Android Lollipop or an even lower version of the Android OS, Gooligan can affect your device. The secret malware was found by a cyber security firm called Check Point and they have since reported that Gooligan can access Gmail, Google Photos, Google Docs, G Suite, Google Play and Google Drive on all the 1 million plus devices that it affects right now. In response to the report, Adrian Ludwig, head of Android Securities, has explained that so far, the malware, which is a variant of the previously discovered Ghost Push, has not shown any intent to steal information and has instead been only associated with promoting in-app revenue through falsified reviews and unauthorized app installations. Google has since revoked all affected tokens and has banned multiple affected apps from the Play Store.


In the words of Check Point, "Gooligan potentially affects devices on Android 4 Jelly Bean and KitKat, and 5 Lollipop, which is over 74 percent of in-market devices today. About 57 percent of these devices are located in Asia and about nine percent are in Europe,"


In order to check and see if you are affected by Gooligan, enter your email address and see for yourself at: https://gooligan.checkpoint.com/


Head over to https://forum.youmobile.org/downloads/ to find all the latest updates for your smartphone.


Saikat Kar (tech-enthusiast)

Description

youmobileorg
Posts: 8655





© 2023 YouMobile Inc. All rights reserved