Over 1 Million Android Phones Breached by Gooligan – Find Out If Yours Is One

Computer researchers at Check Point, a cybersecurity firm, have discovered that hackers have gained access to more than 1.3 million Google accounts thanks to malware called Gooligan that has been placed in dozens of 3rd party Android apps. The malware exploits unpatched flaws in Android to gain access of the infected Android devices and that means the attackers will have access to your emails, photos, documents and more. Luckily, Gooligan-infected devices are designed to go about fraudulently earning their operators ad revenue and not so much about stealing your personal information. Once you’ve downloaded one of the bad apps to your Android device, the malicious software steals your authentication tokens to breach data from your Google Play, Gmail, Google Photos, Google Docs, Google Drive apps and more. It then installs unwanted applications on your device and publish fake ratings and reviews on the Google Play Store to ensure more people download the infected apps thinking they are good due to the positive reviews. The number of devices infected rises by an estimated 13,000 devices per day, according to Check Point in a recent blog post.

Check Point has also created a database of e-mails that are compromised on a website — Gooligan.CheckPoint.com — for people to check if their devices have been hacked. (It requires you to enter your Google email address, tells you if you are compromised, and offers the company’s “ZoneAlarm” product.)

If your account has been breached, the following steps are required:

1. A clean installation of an operating system on your mobile device is required (a process called flashing).
2. Change your Google account passwords immediately after this process.

Google said it has taken numerous steps to protect its users from the malware, but it will take time to get something this complex sorted.