Google and its Android platform have always been seen to provide hackers with the easiest route to users’ devices and personal information.
Despite all the efforts that the search engine giant has been putting in to ensure that all Android devices and their related Google accounts are safe from malicious hackers, the latter group has always found a way to breach the security employed by the company.
The latest security threat involves a new malware campaign known as Gooligan. According to IT Security firm Check Point, the malware is responsible for breaching more than 1 million Google accounts. Surprisingly, this is not all as the team of security researchers adds that more than 13,000 new victims are being added to the list as each day counts.
The malware is said to be targeting users of Android devices and once it gains access to one’s Google account, it can steal personal information or rather authentication tokens used to access all data stored by Google apps, among them Gmail, Google Play as well as Google Docs, just to name but a few.
According to a report published by CNN Money, the Gooligan malware is as a result of installing illegitimate apps on Android phones, something the publication says it happens unwittingly. Check Point has gone further to detail the apps that are tied to this attack, also adding that the malware only targets Google accounts on devices running Android 4 and Android 5. Even though a little older than Android 6 and Android 7, the former account for more than 74% of all Android devices in the world.
Apparently, Check Point has not discovered the source of this Gooligan malware, but more details should come out sooner than later. Still, the security firm has created a website where concerned users can check whether their Google accounts have been affected by the malware.
As noted earlier, it has been determined that this malware is as a result of downloading apps from unknown publishers and websites, which is contrary to the usual recommendation by Google – that all apps be downloaded from the official Google Play Store. In short, make sure you download all your apps from the official Play Store unless you want to face the wrath of Gooligan.