Virus Gooligan has Taken Control Over One Million Users; 1.3 Billion Other Devices at Stake
BySecurity firm Check Point Software Technologies Ltd. revealed that virus "Gooligan" has infected more than a million Google accounts in a span of three months since August.
Gooligan will siphon Gmail, Drive, Docs, Photos, and other data from the user's Google account to a remote server. Check Point traced this server and found 1.3 million Google accounts.
The malicious software acts as authentic apps for Android phones and tablets, The Wall Street Journal reported. The apps they disguise as have normal, believable names like Perfect Cleaner, Wi-Fi Enhancer, and StopWatch.
How Gooligan Takes Control
These software acts like a Trojan-horse. After users download them, they will exploit the flaws in older Android operating system versions to control the devices and install ad-spewing software.
Some of the known flaws of older Android versions are the Towelroot and the VROOT. These are usually in devices with Android 4 and Android 5, including Lollipop, KitKat, and Jelly Bean.
These operating systems account for a third of all Android devices being used today. That means 1.3 billion devices in the world are vulnerable to Gooligan.
Damages by Gooligan
Gooligan has been spreading to thousands of Android users at an alarming rate, Forbes reported.
According to Check Point, they discovered Gooligan in 86 various apps and has taken control over an alarming rate of 13,000 Android devices per day. Gooligan apps are usually from third-party stores and not directly from Google's Play store. Still, there are some Gooligan apps that made it to Google Play.
Some of these malicious apps can even take advantage of the user name and password of the victims and use them to post fake reviews.
Security Check Point head of mobile and sloud Michael Shaulov said there could be Gooligan apps from porn sites where people are asked to download particular software to access content.
Suffice to say people must be on guard all the time.