You are here: Home » PTI Stories » National » News
Business Standard

Over 1 mn Google accounts breached by Gooligan: Check Point

Press Trust of India  |  New Delhi 

A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts.

According to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them.



This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said.

No immediate comment could be received from Google on the matter.

Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 per cent of Android devices in use today.

About 40 per cent of these devices are located in Asia and about 12 per cent are in Europe.

After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, the report said.

"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.

The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point said it has reached out to the Google security team immediately with information on this campaign.

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," Google's director of Android security Adrian Ludwig was quoted as saying.

Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

Check Point's Mobile Research Team first encountered Gooligan's code last year and in August this year, the malware reappeared with a new variant and has since infected at least 13,000 devices per day.

Check Point is offering a free online tool that allows users to check if their account has been breached.

"If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider," Shaulov said.

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

RECOMMENDED FOR YOU

Over 1 mn Google accounts breached by Gooligan: Check Point

A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts. According to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them. This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said. "This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said. No immediate comment could be received from Google on the matter. Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) ... A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts.

According to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them.

This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said.

No immediate comment could be received from Google on the matter.

Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 per cent of Android devices in use today.

About 40 per cent of these devices are located in Asia and about 12 per cent are in Europe.

After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, the report said.

"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.

The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point said it has reached out to the Google security team immediately with information on this campaign.

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," Google's director of Android security Adrian Ludwig was quoted as saying.

Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

Check Point's Mobile Research Team first encountered Gooligan's code last year and in August this year, the malware reappeared with a new variant and has since infected at least 13,000 devices per day.

Check Point is offering a free online tool that allows users to check if their account has been breached.

"If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider," Shaulov said.

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

image
Business Standard
177 22

Over 1 mn Google accounts breached by Gooligan: Check Point

A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts.

According to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them.

This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said.

No immediate comment could be received from Google on the matter.

Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 per cent of Android devices in use today.

About 40 per cent of these devices are located in Asia and about 12 per cent are in Europe.

After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, the report said.

"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.

The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point said it has reached out to the Google security team immediately with information on this campaign.

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," Google's director of Android security Adrian Ludwig was quoted as saying.

Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

Check Point's Mobile Research Team first encountered Gooligan's code last year and in August this year, the malware reappeared with a new variant and has since infected at least 13,000 devices per day.

Check Point is offering a free online tool that allows users to check if their account has been breached.

"If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider," Shaulov said.

(This story has not been edited by Business Standard staff and is auto-generated from a syndicated feed.)

image
Business Standard
177 22

Upgrade To Premium Services

Welcome User

Business Standard is happy to inform you of the launch of "Business Standard Premium Services"

As a premium subscriber you get an across device unfettered access to a range of services which include:

  • Access Exclusive content - articles, features & opinion pieces
  • Weekly Industry/Genre specific newsletters - Choose multiple industries/genres
  • Access to 17 plus years of content archives
  • Set Stock price alerts for your portfolio and watch list and get them delivered to your e-mail box
  • End of day news alerts on 5 companies (via email)
  • NEW: Get seamless access to WSJ.com at a great price. No additional sign-up required.
 

Premium Services

In Partnership with

 

Dear Guest,

 

Welcome to the premium services of Business Standard brought to you courtesy FIS.
Kindly visit the Manage my subscription page to discover the benefits of this programme.

Enjoy Reading!
Team Business Standard