A new malware, coined Gooligan has begun infecting millions of Google accounts, breaching nearly 15,000 new devices each day.
The malware, which settles in and affects mostly older versions of Android systems, steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.
“We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security. “As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”
It is predicted that Gooligan can infect about 75% of Android devices, including those running Android 4 – which include the Jelly Bean and KitKat operating systems – and Android 5, which runs on Lollipop.
The malware was found to have been contained in tens of thousands of fake applications, and there is being a page developed to check whether or not your device has been infected. This can be accessed here: https://gooligan.checkpoint.com/.