Tech Made Simple

Hot Topics: How to Fix Bluetooth Problems | The Best Holiday Gifts | Best Fitness Trackers Under $50 | Complete Guide to Facebook Privacy

Top News Stories

author photo

Malware Compromises More Than 1 Million Android Devices

by on December 01, 2016
in Privacy, News, Phones and Mobile, Computer Safety & Support, Blog :: 3 comments

New Malware Compromises More than 1 Million Android Devices

Android users, beware, because there's a new type of malware on the loose—and over a million Android devices have already been infected. While most of the infected devices are in Asia, 19 percent of them are in America, and 13,000 more devices are hacked each day. It's the largest breach of Google accounts ever, and it's definitely cause for concern.

The malware is dubbed Gooligan, and you can pick it up by downloading seemingly harmless apps from sources other than the Google Play store. Once downloaded, Gooligan gains access to all of your data, including Gmail, Google Docs, Google Drive, Google Play and more.

However, while Gooligan has access to a lot of your personal data, it doesn't appear to use it. Instead, Gooligan downloads apps from Google Play in a scam designed to collect advertising revenue. These apps may provide Gooligan's creators with cash for each download or show ads to generate income. Compromised Google accounts may also leave reviews on these fraudulent apps to make them appear more legitimate to other users.

Gooligan exploits known vulnerabilities in older versions of Android, including Jelly Bean, KitKat and Lollipop (that's Android 4.1 through Android 5.1.1). Newer Android devices running Marshmallow (Android 6.0 through 6.0.1) or Nougat (Android 7.0 through 7.1.1) aren't vulnerable, but if you use an Android device from 2014 or earlier, you could be vulnerable to Gooligan.

Gooligan malware checker

Fortunately, there's an easy way to check if you're infected. Security firm Check Point has created a tool that shows if your email address is among the compromised accounts. If your device is compromised, you'll want to do a clean installation of Android on your device (typically called "flashing"). Because of the way Gooligan works, simply resetting your phone to factory defaults and deleting your data won't get rid of the malware.

Doing a clean installation can be a bit of a complicated process, so you may want to consult a professional or talk to your wireless carrier about getting it done. Once your device is clean, change your Google account password, and you'll be good to go.

Google has been fighting malware like Gooligan for years now. Adrian Ludwig, director of Android security at Google, explains that the company has been working on strengthening security, removing apps involved in the compromise from Google Play and revoking access on compromised accounts by requiring them to sign in securely before they can access Google services again. While no data has been stolen in this hack, malware like Gooligan is capable of taking your data, and you'll want to take steps to keep your device safe.

Here's how to keep your device secure

  • Install the latest version of Android, including the security patches. Your carrier should provide instructions when updates are available.
  • Don't download apps from anywhere other than the Google Play store. Newer versions of Android will warn you if you try to download apps from elsewhere. Pay attention when it does!
  • Run a reputable anti-virus application. While anti-virus protection can sometimes be frustrating — anti-virus apps can accidentally identify non-malware as malware — it can help keep your phone secure. Try AVAST, AVG, Kaspersky, McAfee or Norton, all of which are free and known for their solid desktop anti-virus protection.

[Image credit: mobile phone security concept via BigStockPhoto, CheckPoint]



Discussion loading

gravatar

Only android phones?

From Randy on December 01, 2016 :: 3:07 pm

Hi, is this only for android phones and not iPhones or PC’s?

Thx

Reply

avatar

Correct. Your Google account can

From Suzanne Kantra on December 01, 2016 :: 3:32 pm

Correct. Your Google account can only be compromised if it’s being used on an infected Android device.

Reply

gravatar

Thank you

From Randy on December 01, 2016 :: 3:52 pm

Thank you

Reply

© 2015 Techlicious LLC. Home | About | Meet the Team | Sponsorship Opportunities | Newsletter Archive | Contact Us | Terms of Use | Privacy Policy

site design: Juxtaprose