Skip to the main content.

1 min read

One Million Google Accounts Have Been Exposed By Android Malware

Researchers with Check Point Software recently released a report on a new strain of Android malware called Gooligan. This malware has compromised more than a million Google accounts, and is expected to effect at least another 13,000 accounts as users continue to download the infected applications responsible.

Gooligan’s origins have been traced back to an app called SnapPea, which was identified as malware a year ago. Since then, it has popped up in dozens of other seemingly-legitimate apps available for download in third party Android stores, which are popular with users searching for a free alternative to paid apps. As these app stores are not controlled by Google, downloading applications through them is firmly discouraged by Google. Only applications downloaded through the Google Play store are scanned for malware or other issues.

Users who bypass the safeguards offered by Google Play are at risk of dangerous malware infections. Gooligan is especially harmful, as it gains access to a user’s entire Google account. These Gooligan-infected apps can also be downloaded to your devices through phishing scams that forward download links to unsuspecting users through text messages, or other mobile messaging services.

Android MalwareA device that has been infected by Gooligan has the ability to grant hackers access to any data stored in the user’s Google Docs, Google Drive, Google Photos, Gmail, and Google Play accounts. The bulk of the infections occurred in Asia (57%), with the Americas coming in a distant but no less alarming second (19%).

Gooligan is able to do more than just steal private data. The malware can take your account and token authentication information, and use it to install adware that generates revenue for the hacker. It can also use your credentials to install app from Google Play and boost their approval rating – which explains why you will sometimes find truly awful apps in the Google Play store with high ratings.

This is believed to be the biggest Google Account breach to date. Google has been made aware of the situation, and has already taken steps to protect their users and improve the security of the Android system overall. Check Point Software provides a tool that will allow you to find out if your account has been compromised. You can check your account here.

Want to learn more about the steps you can take to keep your devices safe from malware? Contact us at {email} or {phone}. We’re the IT professionals businesses in {city} trust.

Capital One Data Breach Affects More Than 100 Million Customers

Capital One Data Breach Affects More Than 100 Million Customers

Capital One Data Breach Affects More Than 100 Million Customers and Small Businesses in The U.S. & 6 Million in Canada On July 29, 2019, Capital One...

Read More
A Handy Guide to Google’s Best Search Shortcuts to Make YOUR Day More Productive!

A Handy Guide to Google’s Best Search Shortcuts to Make YOUR Day More Productive!

There’s more to Google Search than meets the eye. The capabilities of the world’s premier search engine are obscured by its deceptively simple...

Read More
Over 5 Million Gmail Accounts Hacked! What Can Business Professionals Do To Protect Themselves Online?

Over 5 Million Gmail Accounts Hacked! What Can Business Professionals Do To Protect Themselves Online?

You hear a lot of chatter these days claiming that hackers have managed to pull your confidential information out of Google. There will always be...

Read More