Android malware steals million Google accounts: researchers

November 30, 2016
Malware dubbed Gooligan targets devices running Android 4.0 and 5.0, which represent nearly 74 percent of mobile devices using the Google-powered operating system

Malicious software designed to attack Android smartphones has breached the accounts of more than a million Google users, security researchers said Wednesday.

The report by Check Point Software Technologies said the malware dubbed Gooligan targets devices running Android 4.0 and 5.0, which represent nearly 74 percent of mobile devices using the Google-powered operating system.

The attacks can steal email addresses and authentication data stored on the devices to access sensitive data from Gmail, Google Photos, Google Docs and other services, Check Point said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks," said Michael Shaulov, Check Point's head of mobile products.

"We are seeing a shift in the strategy of hackers, who are now targeting in order to obtain the sensitive information that is stored on them."

Check Point said researchers discovered Gooligan's code in an application last year and that a new variant appeared in August 2016, affecting some 13,000 devices per day. About 57 percent of those devices are located in Asia and about nine percent are in Europe.

"The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages," the company said in a statement.

Attackers can gain control over the device and generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim.

Check Point said it reported the details of the malware to Google, and that the tech giant indicated it would take steps to protect users.

Google did not immediately respond to an AFP query.

Explore further: Google says Android malware cut in half

Related Stories

Google says Android malware cut in half

April 2, 2015

Google said Thursday that malware infections on Android devices have been cut in half in the past year following security upgrades for the mobile platform.

Android uh-oh resides in vulnerability dubbed Certifi-gate

August 7, 2015

An Android vulnerability has been discovered which leaves phones at risk of malicious apps gaining privileged access without a victim being aware of all this. The weakness affects phones from a number of major manufacturers. ...

Recommended for you

Firms push hydrogen as top green energy source

January 18, 2017

Over a dozen leading European and Asian firms have teamed up to promote the use of hydrogen as a clean fuel and cut the production of harmful gasses that lead to global warming.

WhatsApp vulnerable to snooping: report

January 13, 2017

The Facebook-owned mobile messaging service WhatsApp is vulnerable to interception, the Guardian newspaper reported on Friday, sparking concern over an app advertised as putting an emphasis on privacy.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.