Gooligan Malware Infects Android, Compromises Owner’s Google Account

According to Check Point Software Technologies Ltd. a cyber security company, malicious software after infecting older Android phones hacked into over 1m Google accounts.

The malicious software dubbed Gooligan proliferates via another malicious program that intermediate application stores install, alternatively via phishing campaigns. After getting loaded onto the phone, it grabs all of local data, acquires the device's root access as well as downloads one module which makes it capable of stealing the phone owner's electronic mail account along with the authentication tokens of Google which allows it to access various Google items on the user's Android phone without entering a password. The different items are Google Photos, Google Doc. files, Google Suite, Google Drive and Google Play A/C. Gooligan may also infect Android devices via its owners directly clicking on malevolent web-links.

The Gooligan malware assault happens to enable seizure of Google A/Cs in a way never like before, explains Forbes. However, this seizure isn't for stealing the Google users' personal information rather for compelling them towards pulling down applications associated with a malvertising scheme which churns every month up to USD 320K, says Check Point's chief of mobile and cloud security Michael Shaulov to Forbes. Cnet.com posted this, November 30, 2016.

Moreover, after the Gooligan gains hold over the phone, it siphons off the Google A/C token of the victimized user onto one remote server while utilizes it for acquiring admission into his Photos, Drive, Docs, Gmail along with other data, in spite of the 2F-authentication enabled. Check Point's security researchers managed tracking that server, unearthing as numerous as 1.3m true Google accounts. They also examined the server logs and determined a good 30,000 applications that infected phones downloaded daily, with 2m in all accounted for hitherto. Several hundred firms have had their Google accounts attacked as well, Check Point cautions.

As of best defense from such malware users must not download applications that un-trusted sources may offer rather obtain them from Google's Play Store. Pursuing suspicious web-links from text messages or e-mails must be avoided as well since those could be part of phishing assaults aimed at unwitting Android owners.

» SPAMfighter News - 12/6/2016