The Largest Google Account Breach Ever – Gooligan

Gooligan MalwareGooligan is the latest malware attack that has breached the security of over one million Google accounts, and continues to breach an additional 13,000 devices every day. This form of malware can root an infected Android device, and steal authentication tokens that can be utilized to access data from Google Play, Gmail, Google Drive, Google Docs, Google Photos, G Suite, and more. This malware has the capability to root Android devices and steal email addresses, photos, documents and personal information including authentication tokens stored on the device.

 

How Does Gooligan Work?

After an infected app is installed on the Android device, whether by installing a malicious app on a third-party app store, or downloading an app from a malicious link in a phishing scam, the infected app is installed and sends data about the device to the malware campaign’s Command and Control server. A rootkit is then downloaded from the C&C server onto the device, giving the hacker full control of the device and its data remotely.

 

Not only does this give hackers access and control, but it also allows them to steal authentication tokens. The main purpose of authentication tokens is for Google to authorize users and give them access to all Google services. Two-factor authentication is one of the security mechanisms implemented which prevents hackers from compromising accounts. However, a stolen authentication token bypasses this security mechanism and allows the hacker to access the users account since it is seen as already being logged in.

 

Who is Affected?

In the research conducted by Check Point security research teams, it was discovered that Gooligan affects Android 4 and 5 devices, which is over 74% of devices on the market. Infected devices were breached due to fake applications that were downloaded from third-party app stores or through phishing scams. It is recommended to view your device’s application list in ‘Settings – Apps’ to determine if you have downloaded one of the malicious applications onto your device.

 

You can check online to see if your Google account has been compromised by accessing the Gooligan Checker. All you have to do is enter your email address, and you will find out whether your account has been breached.

 

What to Do if You’ve Been Affected?

Google is taking numerous steps to protect their users and improve Android security by notifying affected accounts, revoking affected tokens and deploying SafetyNet improvements to protect users from these malicious apps in the future.

 

If your account has been breached, the following steps are recommended:

  • Approach a certified technician or your mobile service provider to perform a clean installation of your operating system
  • Change your passwords to all of your Google accounts

 

How to Avoid Gooligan?

It is highly recommended to avoid downloading mobile applications from third-party app stores even if they look legitimate, and even though they appear to be cheaper than some apps in Google Play. The security of these stores and the apps they sell are not always verified or secure. It is also recommended that you equip your device with a mobile security application. It will be able to detect if your safety has been compromised and protect you from malicious apps, and operating system attacks.

 

Gooligan is the largest Google account breach to date, and it’s affecting over 13,000 more devices each day. Check to see if you have downloaded a malicious application, and also determine whether your Google account has been compromised. Remain vigilant in avoiding third-party app stores, and get mobile security protection for your device to ensure you’re secure against phishing scams and operating system attacks.

Get ZoneAlarm Pro Antivirus+

Get it now

One comment on “The Largest Google Account Breach Ever – Gooligan

  • It really is scary at the moment for business’ that are replying on these big business’ to help run their own. I for example have all my emails run through Google Business Apps. I also have Apple devices all over my shop. I have to update my Apple devices all the time in which I dont mind doing because I have the peace of mind that they are all up to date with the latest security software on them all. But you are hearing more and more stories that hackers are getting closer to breaching Apple and Googles security. If they can do that, I am sure tehy could hack my business if they wanted to! For a small business owner like me, thats scary.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Secure your entire family

Our Products

ZoneAlarm Extreme Security

ZoneAlarm
Extreme Security

Virus free.
100% Guaranteed.

Learn more
ZoneAlarm Anti Virus

ZoneAlarm
Pro antivirus & firewall

Virus and spyware protection.

Learn more
ZoneAlarm Firewall Pro

ZoneAlarm
Pro Firewall

Blocks hackers and intruders

Learn more

Recent Tweets

Secure your family