A new Android malware, named Gooligan, is here to compromise your Google accounts. It steals the account authorization keys and installs malicious adware on devices. With a 1 million infected devices, Gooligan continues to infect 13,000 new devices each day. Check Point has released an online tool to check if your Google account has been compromised by this dangerous malware.
How does Gooligan compromise Google accounts?
NFECTED VERSIONS ARE ANDROID JELLY BEAN, KITKAT, AND LOLLIPOP
As reported by Thomas Fox-Brewster earlier, Researchers at Checkpoint have been keeping close tabs on the malware since August. They estimate that somewhere around 13,000 new Google accounts are being compromised every day, and have been working closely with Google to identify the source of the threat and to come up with a way to neutralize it.
Despite the fact that it’s been seen swiping Google account tokens, researchers believe that Gooligan’s main purpose is actually something completely different. Like Ghost Push, considered by many experts to be last year’s most successful Android malware strain, Gooligan is manipulating apps in the Google Play store and injecting ads to generate revenue for its controllers.
it does that by forcing infected devices to install apps in the background, which boosts download totals. Gooligan also submits inflated ratings for the surreptitiously-installed apps to make them look like they’re worth downloading.