December 1, 2016 by

Gooligan Hacks Over 1 Million Google Accounts

Google has suffered a significant malware infection that has affected over a million Android users around the world, a security firm has revealed.

Researchers at Check Point Technologies have revealed that a malware, aptly dubbed “Gooligan” has targeted authentication tokens to breach data from several Google-developed software including the likes of Gmail, G-Suite, Drive, Photos, Docs, Google Play and more. The rampaging malware isn’t showing any signs of subsiding either, as researchers point to over 13,000 new devices compromised, every day.

The malware typically affects older Android devices – which still represent a majority of the devices in the market to this day – running on Jelly Bean or Kitkat (Android 4) or Lollipop, Android 5 and its subsequent variants.

These devices total a staggering 74% of all Android devices in use today, with 57% of those devices located in Asia, 19% in the Americas and about 9 % in Europe.

Google authorization tokens are fundamentally the means to access the Google account and the related services of a user. When a user successfully logs into an account, the tokens are issued. In this particular scenario, the authorization tokens were compromised, leaving attackers to access all Google services associated with a user’s account.

Researchers discovered traces of the Gooligan malware code in multiple applications, purporting to be legitimate apps on third-party Android app stores. These stores are particularly popular since they usually provide free versions of paid apps.

For its part, Google has removed a number of malicious applications from the Play store and is already enforcing measures to contain the spread of the infection.

Google claims that the motivation behind the malware was to promote apps rather than steal account information belonging to users.  

Still, Check Point researchers have made the damning conclusion in stating:

Gooligan has breached over a million Google accounts. We believe that it is the largest Google account breach to date.

 Image credit: Pexels.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Security Researchers Uncover ‘World’s Most Powerful Android Spyware’

Security researchers at Kaspersky have uncovered a new form of Android spyware with capabilities...

Read more arrow_forward

This Android CryptoMining Malware is Capable of Destroying Android Phones

Cybersecurity researchers have discovered a “jack of all trades” cryptocurrency mining malware...

Read more arrow_forward

Google Research: Phishing Poses the Greatest Cybersecurity Threat

A new study by Google has revealed insights to better explain how emails and other accounts are...

Read more arrow_forward