Google Accounts Hacked
All you Android mobile owners now have to be really careful! Yes, there’s an Android malware that has already breached more than 1 Million Google accounts. It is infecting around 13,000 devices every day.
Gooligan
Dubbed “Gooligan”, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them.
Hijacks Google Accounts
With this information in hand, the attackers are able to hijack your Google account and access your sensitive information from Google apps. The list includes Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. Researchers found traces of Gooligan code in dozens of legitimate-looking Android apps on 3rd-party app stores, which if downloaded and installed by an Android user, the malware starts sending your device’s information and stolen data to its Command and Control (C&C) server.
“Gooligan then downloads a rootkit from the C&C server. The rootkit takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153),” researchers said in a blog post.
“If rooting is successful, the attacker has full control of the device and can execute privileged commands remotely.”
CheckPoint Security
According to CheckPoint security researchers, who uncovered the malware, anyone running an older version of the Android operating system are at risk. This includes Android 4.x (Jelly Bean, KitKat) and 5.x, (Lollipop). This represents nearly 74% of Android devices in use today.
“These exploits still plague many devices today because security patches that fix them may not be available for some versions of Android. Or the patches were never installed by the user.”
Researchers added. Once hacked into any Android device, Gooligan also generates revenues for the cyber criminals. This is done by fraudulently buying and installing apps from Google Play Store and rating them and writing reviews on behalf of the phone’s owner. The malware also installs adware to generate revenue.
The question
“How to check if your Google account has been compromised with this malware?”
The answer
The answer to this perplexing question is that Check Point has published an online tool to check if your Android device has been infected with the Gooligan malware. Just open ‘Gooligan Checker’ and enter your Google email address to find out if you’ve been hacked.
The way you can fix this problem if you are facing it is as following:
If you found yourself infected, Adrian Ludwig, Google’s director of Android security, has recommended you to run a clean installation of the operating system on your Android device.
This process is called ‘Flashing,’ which is quite a complicated process. So, the company recommends you to power off your device and approach a certified technician or your mobile service provider in order to re-flash your device
Vulnerable Apps
What apps might have infected you after you downloaded them?
1.Perfect Cleaner
2.Demo
3.WiFi Enhancer
4.Snake
5.Html5 Games
6.Demm
7.memory booster
8.StopWatch
9.Clear
10Flashlight Free
11.memory booste
12.Touch Beauty
13.Demoad
14.Small Blue Point
15.Battery Monitor
16.UC Mini
17.Shadow Crush
18. Music Cloud
And many more.