Gooligan worms its way into Android phones, compromises one million accounts

BY

Published 30 Nov 2016

NSFW AI Why trust Greenbot

We maintain a strict editorial policy dedicated to factual accuracy, relevance, and impartiality. Our content is written and edited by top industry professionals with first-hand experience. The content undergoes thorough review by experienced editors to guarantee and adherence to the highest standards of reporting and publishing.

Disclosure

If you tend to download apps from places other than the ay Store, your account might be compromised. Researchers at the security firm Check int Software Technologies have uncovered a piece of malware that seeks to root your device in order to gain access to your precious account.

But the so-called Gooligan Trojan Horse isn’t after your credit card information or contacts list. Rather, the scheme is an old-fashioned money-making one. Once it has broken into your account, the malware proceeds to download apps from ay on your device give them high marks positive reviews on your behalf. Additionally, it may install adware on your phone that manifests itself in the form of intrusive pop-ups.

At least 1 million accounts have been affected by the Gooligan attack, Check int is seeing some 13,000 new devices infected each day, primarily ones running lly Bean, KitKat llipop. ones running Marshmallow (6.0) or Nougat (7.0, 7.1) appear to be immune.

ile this particular strain might be new, the vulnerability itself is old hat. Gooligan is essentially a variant of Ghost sh, which has been working for the better part of two years to tackle. And rest assured, the company is already investigating the new strain with Check int to protect future users from being infected. As Adrian dwig, lead engineer for Android security, noted on his + blog, is constantly working to make sure vulnerabilities like Gooligan don’t happen in the future:

“’ve taken many actions to protect our users improve the security of the Android ecosystem overall. These include: revoking affected users’ Account tokens, providing them with clear instructions to sign back in securely, removing apps related to this issue from affected devices, deploying enduring Verify Apps improvements to protect users from these apps in the future collaborating with IS to eliminate this malware altogether.”

The impact on you: Malware is scary the openness of Android means it is constantly at risk of attack. But there are easy ways you can protect yourself. For starters, try to avoid downloading any apps outside of ay, always update your phone with the latest possible security patches OS updates when they’re available. But if you think you may have been infected, you can run a check on your device here. If it has been compromised, simply flash your device change your password.