Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

Malware Compromises More Than 1 Million Android Devices

by Elizabeth Harper on December 01, 2016

New Malware Compromises More than 1 Million Android Devices

Android users, beware, because there's a new type of malware on the loose—and over a million Android devices have already been infected. While most of the infected devices are in Asia, 19 percent of them are in America, and 13,000 more devices are hacked each day. It's the largest breach of Google accounts ever, and it's definitely cause for concern.

The malware is dubbed Gooligan, and you can pick it up by downloading seemingly harmless apps from sources other than the Google Play store. Once downloaded, Gooligan gains access to all of your data, including Gmail, Google Docs, Google Drive, Google Play and more.

However, while Gooligan has access to a lot of your personal data, it doesn't appear to use it. Instead, Gooligan downloads apps from Google Play in a scam designed to collect advertising revenue. These apps may provide Gooligan's creators with cash for each download or show ads to generate income. Compromised Google accounts may also leave reviews on these fraudulent apps to make them appear more legitimate to other users.

Gooligan exploits known vulnerabilities in older versions of Android, including Jelly Bean, KitKat and Lollipop (that's Android 4.1 through Android 5.1.1). Newer Android devices running Marshmallow (Android 6.0 through 6.0.1) or Nougat (Android 7.0 through 7.1.1) aren't vulnerable, but if you use an Android device from 2014 or earlier, you could be vulnerable to Gooligan.

Gooligan malware checker

Fortunately, there's an easy way to check if you're infected. Security firm Check Point has created a tool that shows if your email address is among the compromised accounts. If your device is compromised, you'll want to do a clean installation of Android on your device (typically called "flashing"). Because of the way Gooligan works, simply resetting your phone to factory defaults and deleting your data won't get rid of the malware.

Doing a clean installation can be a bit of a complicated process, so you may want to consult a professional or talk to your wireless carrier about getting it done. Once your device is clean, change your Google account password, and you'll be good to go.

Google has been fighting malware like Gooligan for years now. Adrian Ludwig, director of Android security at Google, explains that the company has been working on strengthening security, removing apps involved in the compromise from Google Play and revoking access on compromised accounts by requiring them to sign in securely before they can access Google services again. While no data has been stolen in this hack, malware like Gooligan is capable of taking your data, and you'll want to take steps to keep your device safe.

Here's how to keep your device secure

  • Install the latest version of Android, including the security patches. Your carrier should provide instructions when updates are available.
  • Don't download apps from anywhere other than the Google Play store. Newer versions of Android will warn you if you try to download apps from elsewhere. Pay attention when it does!
  • Run a reputable anti-virus application. While anti-virus protection can sometimes be frustrating — anti-virus apps can accidentally identify non-malware as malware — it can help keep your phone secure. Try AVAST, AVG, Kaspersky, McAfee or Norton, all of which are free and known for their solid desktop anti-virus protection.

[Image credit: mobile phone security concept via BigStockPhoto, CheckPoint]


Privacy, News, Phones and Mobile, Computer Safety & Support, Blog

Discussion loading


From Randy on December 01, 2016 :: 2:07 pm

Hi, is this only for android phones and not iPhones or PC’s?




From Suzanne Kantra on December 01, 2016 :: 2:32 pm

Correct. Your Google account can only be compromised if it’s being used on an infected Android device.



From Randy on December 01, 2016 :: 2:52 pm

Thank you


Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.