Articles
Pages
Products
Research Papers
Blogs
Search Engines
Events
Webinar, Seminar, Live Classes
Saturday, 10 December 2016 03:43

Malware attacks over 1M Google accounts

By: 

Malware called Gooligan breached the security of more than 1 million Google accounts, initially spreading through “tens of fake apps”, according to security firm Check Point.

Gooligan potentially affects devices using older (but still common) versions of Android, including Jelly Bean, KitKat and Lollipop. The majority of such devices (57 per cent) are in Asia, with 9 per cent in Europe.

Check Point added that the campaign is attacking 13,000 additional devices each day.

The firm found that every day Gooligan installs at least 30,000 apps fraudulently on breached devices, totalling more than 2 million apps since it began.

According to Adrian Ludwig, director of Android security at Google, the tech giant has investigated the case and found no evidence of user data access.

He said Google is working to strengthen the Android ecosystem security and recommends users update their devices to ones that support newer Android software.

Google is also working with the internet service providers that provide infrastructure used to host and control the malware.

“Taking down this infrastructure has disrupted the existing malware, and will slow the future efforts,” Ludwig said.

How it works

Gooligan roots infected devices and steals authentication tokens that can be used to access data from services including Google Play, Gmail, Google Photos, and Google Docs.

It uses Google credentials to generate fraudulent installs of other apps.

CheckPoint explained it found traces of the Gooligan malware code in dozens of legitimate-looking apps on third-party Android app stores, which are an “attractive alternative” to Google Play because many of their apps are free, or offer free versions of paid apps.

However, the security of these stores and the apps they sell aren’t always verified. Gooligan-infected apps can also be installed using phishing scams where attackers broadcast links to infected apps to unsuspecting users via SMS or other messaging services.

Source : https://www.mobileworldlive.com

Leave a comment

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.
Please wait
online research banner

airs logo

AIRS is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Subscribe to AIRS Newsletter

Receive Great tips via email, enter your email to Subscribe.
Please wait

Follow Us on Social Media