More than 1M Android devices infected with new malware

More than 1M Android devices infected with new malware

Gooligan most common in Asia, infects 13,000 new devices each day via third-party app stores

By Barry Eitel

SAN FRANCISCO (AA) – A new malicious software campaign has been detected on more than 1 million Android devices, a cybersecurity firm reported Wednesday.

An average of 13,000 new devices per day are compromised globally, according to Check Point.

The malware first appeared in August and was dubbed Gooligan, a combination of hooligan and Google.

Check Point, which discovered the malware, said the program targets vulnerabilities in Android operating systems, specifically, devices running on Android 4 and Android 5, including the point releases Jelly Bean, KitKat and Lollipop.

Gooligan then spreads through apps downloaded from third-party app stores, i.e. not the official Google Play app store. The apps boast legitimate sounding titles and range in purpose, from mobile games named Slots Mania to the curiously named Kiss Browser.

Once a device is infected, hackers can access a user’s data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive and other apps.

The third-party app stores are most popular in Asia, and Check Point noted that the continent is home to 57 percent of devices infected with Gooligan. Another 19 percent of infected devices are in the Americas, 15 percent in Africa and 9 percent are in Europe.

Check Point offers a free service for Android users to check if a device is infected with Gooligan.

“Gooligan has breached over a million Google accounts,” the firm noted in its report. “We believe that it is the largest Google account breach to date, and we are working with Google to continue the investigation. We encourage Android users to validate whether their accounts have been breached.”

While Gooligan infects more devices each day, Google and Check Point are working on a fix for the malware. Check Point believes it is a new and pernicious variant of an older family of malware called Ghost Push.

“As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall,” Adrian Ludwig, Google’s director of Android security, said in a statement.

Kaynak:Source of News

This news has been read 821 times in total

ADD A COMMENT to TO THE NEWS
UYARI: Küfür, hakaret, rencide edici cümleler veya imalar, inançlara saldırı içeren, imla kuralları ile yazılmamış,
Türkçe karakter kullanılmayan ve büyük harflerle yazılmış yorumlar onaylanmamaktadır.
Previous and Next News