Thursday, December 1, 2016

Gooligan, Google Malware: One Million Android Devices And Counting Infected , Here’s How To Check Your Device

     Hi buddies after a long time i have come with a very serious issue running around in the Android technology world .Yeah !! First, I'm really sorry for the long break, as I was engaged with some important projects I wasn't able to reach the blog. Now I gonna talk about the serious and vulnerable issue running around . Yeah !! Android smartphone users have another malware to worry about, one that can get access to data on their Gmail, Google Photos, etc. Gooligan Malware has affected over 1 million devices and is a serious threat, according to a report by security firm Check Point Research. In a blogpost Check Point, revealed that “the attack campaign, named Gooligan, breached the security of over one million Google accounts,” and that it continues to attack over 13,000 new devices on a daily basis.
 Gooligan, Gooligan Malware, Android Malware, Google, Google Android, Android Malware new, Gooligan Malware impact, Android, Android Malware problems, Android new Malware, How to Check for Gooligan

      According to the security firm, the malware “steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more,” which is a serious flaw. Check Point says it is in touch with Google Security Team and is working with them to find out the source of this malware campaign.

what exactly is Gooligan and how serious is the issue?

 Gooligan, Gooligan Malware, Android Malware, Google, Google Android, Android Malware new, Gooligan Malware impact, Android, Android Malware problems, Android new Malware, How to Check for Gooligan
       According to the research firm, it affects Android Jelly Bean, KitKat and Lollipop users, which is basically 74 per cent of the phones in the market. Unsurprisingly over 57 per cent of these phones are in Asia. The firm says they found multiple fake applications which were infected with the malware and those who’ve download these apps will find their devices are impacted by Gooligan. Check Point’s website has a full list of apps that are infected by this on their official blog.

How to check if you’re infected? What to do if you are?

        Check Point has a website created called (https) gooligan.checkpoint.com where users can enter their Gmail address and check if it was breached. For those whose accounts were breached, Check Point recommends flashing your phone, and a reinstallation of the OS on the mobile device. It is best to get this done at an authorised service centre and it is also recommended that users change their Google account password after doing so.

How does it impact your Android phone?

        Check Point says it found malware code for Gooligan in several third-party Android app stores, while some of these apps are installed using phishing scams. They first found the code in the malicious SnapPea app last year, and other security vendors had also reported this malware.
       According to the blog, “Logs collected by Check Point researchers show that every day Gooligan installs at least 30,000 apps fraudulently on breached devices or over 2 million apps since the campaign began.”
        One the infected app is installed, “it sends data about the device to the campaign’s Command and Control (C&C) server.” From there a rootkit is downloaded on the device, thanks to several security patches missing from phones running Android 4, 5. The rootkit then gives hacked full control of the device, who can then run “privileged commands remotely,” and steal authorised tokens which bypasses the need for two-factor authentication.
         Gooligan also injects a new “malicious module” into Google Play, which allows it to steal email data, install app from the Store and raise their ranking, install adware, etc. Check Point found how victims had left ratings, reviews for some apps even when they had no knowledge of installing the app.


Natty Kish

About Natty Kish

I'm Hari Kishan(Natty Kish) a Software Developer from India.I started TECHkish as a passion now it's empowering lot of readers globally and helping then to be updated with technology and earn money from their blog.TECHkish is all about tech news,gadgets,hacking and so on.Blend The TECHnology with TECHkish.