Security research outfit Check Point has revealed a malware campaign that targets users of lower versions of Android like Jelly Bean and Lollipop. This new malware is called “Gooligan” and it usually infects devices via 3rd party app stores and phishing websites. Once installed, the malware can create quite a bit of trouble – and danger as well – if not discovered after a while.
Check Point says that Gooligan is probably an improvement from other earlier malware versions and emerged late in mid-2016. The security outfit also says that potentially around 1 million devices are infected at this point, and they are mostly using Android 4 (Jelly Bean) and Android 5 (Lollipop). These earlier versions are vulnerable to the malware due to exploits like V-Root and TowelRoot, and because users have not patched their versions with security patches.
Once the malware is installed, it roots the host device and works to steal authentication tokens of the resident Google account within the Android device. This information is sent to a server, which means whoever has your information will be able to access your Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and all other related Google accounts.
If you want to know if your device is infected, go to the website that Check Point created just for this very reason. If you are infected, a clean reinstallation of your operating system is needed. And whether or not you are infected, you should work to secure your Google accounts now – change password and all that. Also, an appendix at the source link below lists down all known apps that contain the Gooligan malware.
SOURCE: Check Point
