Over a million Google accounts compromised by malware
Research teams reveal a new and alarming malware campaign named Gooligan. Gooligan breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day.
According to a security firm, the malware “Gooligan” could give an attacker access to your Google life under certain circumstances.
The malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.
The Gooligan Blue Print
Gooligan potentially affects devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which is over 74% of in-market devices today. About 57% of these devices are located in Asia and about 9% are in Europe.
There are several fake applications infected with this malware. If you’ve downloaded one of the apps listed in Appendix A, below, you might be infected. You may review your application list in “Settings -> Apps”, if you find one of this applications, please consider downloading an antivirus product(google) to check if you are indeed infected.
If your account has been breached, the following steps are required:
- A clean installation of an operating system on your mobile device is required (a process called “flashing”). As this is a complex process, we recommend powering off your device and approaching a certified technician, or your mobile service provider, to request that your device be “re-flashed.”
- Change your Google account passwords immediately after this process.