‘Gooligan’ Malware Is Dangerous: How Millions Of Android Device Breached The Security Measures Of Google?

By Michael Davis - 01 Dec '16 19:45PM

Malware is attacking cyber consumer and it started security breached to millions of Google Accounts estimated affecting thirteen thousand devices a day. "Gooligan" salvages email credentials and authentication tokens kept on Android Devices.

The authentication tokens are obtained unnecessarily from its user and this will allow hackers to use their data on Google products such as Google Photos, Google Play, Google Docs, Google Drive, and Gmail, everything that Google covers. Check Point made the necessary move to reach Google Security Team.

Google's director of Android security Adrian Ludwig said, "We're appreciative of both Check Point's research and their partnership as we've worked together to understand these issues." He added they took the necessary steps to protect the users, remove the malware affecting Android Devices through Google, and develop better security features.

The Proportioned affected devices on data based on the continent taking at least 40% of Asia and 12% in Europe. Cleared further, it targets android user using Android Jelly Bean, KitKat, and Lollipop which represent 74% of Android Users, reported on Mirror. There are measures to identify if your device is "gooligan" affected. "If your account has been breached, a clean installation of an operating system on your mobile device is required," said a source. Make sure to check that the applications being downloaded in the future are "gooligan" free.

"Gooligan" works like this, an attacker equipped with a server and it programmed an application which is phished so consumer will download it to their android devices. Once installed, it injects code into "Google Play" which makes it download other applications that helps steal email accounts and authentication tokens. It then Roots device and download a new module. After the malware collects data about the device and download root kits.

Experts advice to always get aware of the application before downloading. In fact, it says never download un-trusted applications that are new further self-research must require before taking any other action.