More than a million Google accounts have been compromised by cybercriminals. There’s no need to panic about Google’s servers being breached, however. The culprit is actually a new strain of Android malware that’s been dubbed Gooligan and it’s not hard to avoid.
As reported by Thomas Fox-Brewster earlier, Researchers at Checkpoint have been keeping close tabs on the malware since August. They estimate that somewhere around 13,000 new Google accounts are being compromised every day, and have been working closely with Google to identify the source of the threat and to come up with a way to neutralize it.
Despite the fact that it’s been seen swiping Google account tokens, researchers believe that Gooligan’s main purpose is actually something completely different. Like Ghost Push, considered by many experts to be last year’s most successful Android malware strain, Gooligan is manipulating apps in the Google Play store and injecting ads to generate revenue for its controllers.
It does that by forcing infected devices to install apps in the background, which boosts download totals. Gooligan also submits inflated ratings for the surreptitiously-installed apps to make them look like they’re worth downloading.
You’d be forgiven for fearing malware like Gooligan that can automatically root your device, compromise your Google account, and force your device to do things you don’t want it to. The good news is that you don’t have to.
Source: SANS ISC SecNewsFeed @ November 30, 2016 at 03:03PM