Do you use your Google accounts on your Android phone? Then you may need to watch out for “Gooligan”, a new malware.
The malware steals authentication tokens to access data from Gmail, Google Docs, Google Drive and more, and then installs certain apps on a user’s phone and highly rates them. The mission: to install adware to generate revenue for those apps (which reportedly raked in as much as US$320,000 a month).
Scarily, the hacked Google accounts are mostly in Asia (about 70%).
The malicious code appears to affect devices running Android 4 (in versions known as Jelly Bean and KitKat) and Android 5 (Lollipop).
To date, Gooligan has infected more than 1 million accounts, according to research released from cyber security company Check Point, and that figure is growing by a massive 13,000 devices per day. Check this site to see if your Google account was breached.
If your phone is infected, things get a little more difficult. Check Point recommends installing a clean operating system on your phone. This is complicated, so it’s best to turn off your device and get professional help. Once your phone has been fixed, make sure you change all your Google passwords.
Gooligan uses Google credentials on older versions of Android to generate fraudulent app installs. So far, there has been no evidence of the hackers accessing user data.