Saturday, Dec 10 2016 | Updated at 05:44 AM EST

Stay Connected With Us F T R

Dec 01, 2016 04:34 AM EST

Virus Gooligan has Taken Control Over One Million Users; 1.3 Billion Other Devices at Stake

Google Pop Up Store Opens In New York
NEW YORK, NY - OCTOBER 20: A new Google Pixel XL phone is displayed at the new Google pop-up shop in the SoHo neighborhood on October 20, 2016 in New York City. The shop lets people try out new Google products such as the Pixel phone, Google Home, and Daydream VR. The products will be available for purchase offsite at Verizon and Best Buy retail stores.
(Photo : Spencer Platt/Getty Images)

Security firm Check Point Software Technologies Ltd. revealed that virus "Gooligan" has infected more than a million Google accounts in a span of three months since August.

Gooligan will siphon Gmail, Drive, Docs, Photos, and other data from the user's Google account to a remote server. Check Point traced this server and found 1.3 million Google accounts.

The malicious software acts as authentic apps for Android phones and tablets, The Wall Street Journal reported. The apps they disguise as have normal, believable names like Perfect Cleaner, Wi-Fi Enhancer, and StopWatch.

How Gooligan Takes Control

These software acts like a Trojan-horse. After users download them, they will exploit the flaws in older Android operating system versions to control the devices and install ad-spewing software.

Some of the known flaws of older Android versions are the Towelroot and the VROOT. These are usually in devices with Android 4 and Android 5, including Lollipop, KitKat, and Jelly Bean.

These operating systems account for a third of all Android devices being used today. That means 1.3 billion devices in the world are vulnerable to Gooligan.

Damages by Gooligan

Gooligan has been spreading to thousands of Android users at an alarming rate, Forbes reported.

According to Check Point, they discovered Gooligan in 86 various apps and has taken control over an alarming rate of 13,000 Android devices per day. Gooligan apps are usually from third-party stores and not directly from Google's Play store. Still, there are some Gooligan apps that made it to Google Play.

Some of these malicious apps can even take advantage of the user name and password of the victims and use them to post fake reviews.

Security Check Point head of mobile and sloud Michael Shaulov said there could be Gooligan apps from porn sites where people are asked to download particular software to access content.

Suffice to say people must be on guard all the time. 

 

© 2016 University Herald, All rights reserved. Do not reproduce without permission.

Join the Conversation

Get Our FREE Newsletters

Stay Connected With Us F T R

Real Time Analytics