More than one million Google accounts – involving authentication tokens – have been compromised by the Android malware strain called as Gooligan, security firm Check Point reported on the day of Wednesday.
Hackers can utilize the stolen credentials to gain access to Gmail and Google Photos, Docs, Drive, Play and GSuite. Moreover, the cybercriminals can generate revenue by installing apps from Google Play and rating the apps on behalf of the user. Hackers also profit from the adware installed by Gooligan.
1st spotted in the wild in the year of 2014, this most recent campaign that started in August has infected about 13,000 devices per day by targeting Android 4 and 5 devices. Checkpoint officials estimate that accounts for almost 74% of Android users.
Presently, Gooligan installs 30,000 apps a day on breached devices – or two million fraudulent apps since the campaign started.
The researchers also discovered Gooligan in several legitimate-looking third-party app stores, but users also downloaded the app straightly from malicious links found in phishing messages.
Check Point researchers contacted Google's security team with their findings, and the firm is providing a free online tool that lets users determine if their account is part of the breach.
No comments:
Post a Comment