(AppleInsider.com): A new strain of Android malware dubbed “Gooligan,” thought to be “the largest Google account breach to date,” is already in active circulation and three-fourths of the Android installed base is vulnerable. Once infected, devices give hackers access to the users’ Gmail, Google Photos, Docs, Drive and other Google services accounts.
Discovered by Check Point Software Technologies, the “new and alarming malware campaign” was foundto have already compromised one million Google accounts, and is currently spreading to 13,000 new users each day.
The Gooligan malware is spread through phishing campaigns or malware installed via third party app stores. Once on the device, it sucks up local data, gains root access and downloads a module that enables it to steal the users’s email account and Google’s authentication tokens that provide it password-free access to the user’s Google Photos, Google Play account, files in Google Docs and Google Drive and G Suite.
Stolen authentication tokens bypass various Google security mechanisms, including two-factor-authentication, by allowing the malware that gains control of them to appear to be the already-logged in, legitimate user.
To read the rest of the AppleInsider article, click here.
About Post Author
Share this via:
