Android malware campaign 'targets 1 million Google accounts'

Check Point says Android malware campaign can steal tokens from Google accounts

More than one million Google accounts have been compromised by a new authentication-theiving malware campaign called Gooligan, according to security company Check Point.

In a blog post, Check Point said the malware steals authentication tokens from infected Android devices, which can later be used to access Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive and other data stored with Google.

The Gooligan malware campaign appears to affect 74% of in-market devices, particularly those running on Android 4 (JellyBean, KitKat) and 5 (Lollipop).

Around 57% of these devices are in Asia and 9% are in Europe. Android users can check whether their account is compromised here.

Check Point suggested that, if an account has been breached, users should carry out a clean installation ("flashing") of the operating system on the affected mobile device. As this is a complicated process, however, the company said users may want to power off the device and ask their mobile service provider or a certified technician to 're-flash' the device.

Check Point also recommended changing all Google account passwords once the "flashing" process is complete.

The security company is working closely with Google to investigate the source of this campaign.

Adrian Ludwig, Google's director of Android security, said: "We're appreciative of both Check Point's research and their partnership as we've worked together to understand these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall."

To counteract the malware campaign, Google is reportedly notifying affected accounts, revoking affected tokens and deploying SafetyNet improvements.

Featured Resources

The ultimate guide to business connectivity in field services

A roadmap to increased workplace efficiency

Free download

The definitive guide to migrating to the cloud

Migrate apps to the public cloud with multi-cloud infrastructure solutions

Free download

Transform your network with advanced load balancing from VMware

How to modernise load balancing to enable digital transformation

Free download

How to secure workloads in hybrid clouds

Cloud workload protection

Free download

Recommended

Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
CISA, FBI, and NSA issue a Conti ransomware advisory
ransomware

CISA, FBI, and NSA issue a Conti ransomware advisory

23 Sep 2021
Researchers disclose top flaws abused by ransomware gangs
ransomware

Researchers disclose top flaws abused by ransomware gangs

20 Sep 2021
Ransomware hackers break off from Babuk to join a new group
ransomware

Ransomware hackers break off from Babuk to join a new group

9 Sep 2021

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

17 Sep 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021