It’s been uncovered that an Android-based malware called Gooligan has compromised 1 million accounts. Many of them are users from an enterprise.
Android Versions
Check Point Software Technologies have stated that about 86 apps are available. When one of the apps is installed, rooting is processed to get access to phones that are working with Android’s Jelly Bean, Ice Cream Sandwich, KitKat, and Lollipop. All of this is a total of 74% users.
When the device is rooted, it downloads and installs software that takes authentication tokens to which gives access to Google-related accounts such as Google Photos, Google Docs, Google Play, Google Drive, G Suite, and Gmail.
Ghost Push
This is not the first time a similar malware came to light. In September 2015, Ghost Push was brought to attention. Still, Gooligan is said to be a more aggressive variant than the latter. Still, these no evidence that Gooligan was available in the Google Play Market. Additionally, about 57% of those affected are from Asia, 19% are found in the Americas, 15% were from Africa, and the last 9% were from Europe.
Compromised
Users who have taken apps from third-party markets can now check if their account has been breached.
If you are affected by this malware, the only way to fix the issue is by reflashing the phones with a clean Android installation. After this, it is recommended to change all of your Google passwords immediately.
What are your thoughts of this breach? Is our identity truly safe out there?
