1 Million Google Accounts Hacked By Gooligan Malware


Google Accounts Hacked

All you Android mobile owners now have to be really careful! Yes, there’s an Android malware that has already breached more than 1 Million Google accounts. It is infecting around 13,000 devices every day.


Dubbed “Gooligan”, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them.

Hijacks Google Accounts

With this information in hand, the attackers are able to hijack your Google account and access your sensitive information from Google apps. The list includes Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. Researchers found traces of Gooligan code in dozens of legitimate-looking Android apps on 3rd-party app stores, which if downloaded and installed by an Android user, the malware starts sending your device’s information and stolen data to its Command and Control (C&C) server.

“Gooligan then downloads a rootkit from the C&C server. The rootkit takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153),” researchers said in a blog post.

“If rooting is successful, the attacker has full control of the device and can execute privileged commands remotely.”

CheckPoint Security

According to CheckPoint security researchers, who uncovered the malware, anyone running an older version of the Android operating system are at risk. This includes Android 4.x (Jelly Bean, KitKat) and 5.x, (Lollipop). This represents nearly 74% of Android devices in use today.

“These exploits still plague many devices today because security patches that fix them may not be available for some versions of Android. Or the patches were never installed by the user.”

Researchers added. Once hacked into any Android device, Gooligan also generates revenues for the cyber criminals. This is done by fraudulently buying and installing apps from Google Play Store and rating them and writing reviews on behalf of the phone’s owner. The malware also installs adware to generate revenue.

The question

“How to check if your Google account has been compromised with this malware?”

The answer

The answer to this perplexing question is that Check Point has published an online tool to check if your Android device has been infected with the Gooligan malware. Just open ‘Gooligan Checker’ and enter your Google email address to find out if you’ve been hacked.

The way you can fix this problem if you are facing it is as following:

If you found yourself infected, Adrian Ludwig, Google’s director of Android security, has recommended you to run a clean installation of the operating system on your Android device.

This process is called ‘Flashing,’ which is quite a complicated process. So, the company recommends you to power off your device and approach a certified technician or your mobile service provider in order to re-flash your device

Vulnerable Apps

What apps might have infected you after you downloaded them?

1.Perfect Cleaner


3.WiFi Enhancer


5.Html5 Games


7.memory booster



10Flashlight Free

11.memory booste

12.Touch Beauty


14.Small Blue Point

15.Battery Monitor

16.UC Mini

17.Shadow Crush

18. Music Cloud

And many more.

Author: Ayesha Siddique is a mechanical engineering student currently in her junior year. She has an obsession for automobiles and makeup.
Previous ArticleNext Article