You may have heard or read about it online, a malware has been found to have infected more than 1 Million Android devices and that number goes up by as much as 13,000 devices per day. This was reported by tech security firm Check Point:
Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.
Gooligan is a new variant of the Android malware campaign found by our researchers in the SnapPea app last year.
The malware has spread through 3rd-party Android app stores for a number of reasons: less stringent security measures compared to Google’s Play Store, free versions of paid apps are usually found in these 3rd-party app stores and majority of the apps are available for free.
Gooligan malware is part of an online campaign to steal Google account tokens that can be used for other nefarious deeds aside from the obvious stealing of one’s Google account. Check out the infographic below to see the big picture:
They have an online tool that lets you check whether or not your Google account has been compromised which means your device has been infected by the Gooligan malware or not. I checked out my primary Google account and was glad that it is still remains intact.
They also have a list of apps that have been confirmed to carry the Gooligan malware. So check it out and your device’s list of installed apps to see if you’re phone has been infected or not. The most effective way to protect your phone is simple: do not download apps from 3rd-party app stores. Avoid side-loading apps or manually installing apps on your device specially if you’re unsure of where it came from. And even if you’re on the Google Play Store, do some research first before downloading an app.
Google is already aware of this issue and have taken steps to combat this malware.
Read Check Point’s report on the Gooligan malware for more information. Be safe. Be smart.