Gooligan Malware Mainly Infects Devices In Asia And America

Android malware is becoming a bigger security concern every single week. A new type of malicious software, known as Gooligan, infected one million Google accounts. Although security researchers are aware of this malware, the threat has not been fully eliminated just yet. In fact, research indicates that over 13,000 Android devices are being breached every single day due to this malicious software.

Gooligan Malware Should Not be Underestimated

Smartphones are a popular target for criminals and hackers all over the world. Given the widespread adoption of this technology, millions of users are at risk of getting infected with malware and other nasty software. Gooligan, one of the most potent malware threats to date, is the cause of the largest Google account breach ever recorded.

Google acknowledged this malware threat through an official blog post. As it turns out, Gooligan is closely related to Ghost Push, a different malware type affecting Android users in recent years. This new iteration of the same project is a major security concern, and bringing the threat to an end will be quite challenging.

To put this into perspective, nearly 100 Android apps infected with the Gooligan payload have been identified across third-party app stores. Once a user installs this application, they are vulnerable to having their Google account breached. In most cases, victims are enticed to download free versions of paid apps, including some renowned mobile offerings.




As is usually the case with Android malware, the number of vulnerable devices is mind boggling. Any device running Android 4 or 5 is susceptible to the Gooligan attack, which puts 74% of all Android devices in danger right now. This is another clear example of why software updates should not be left in the hands of device manufacturers, but rather of Google and Alphabet.

A device infected with Gooligan will give the assailant root access. This allows hackers to steal Google authentication token information, which they can then abuse to breach all Google services associated with that account. Gmail, Google Drive, and Google Play are all vulnerable at that point, and all of the personal data associated with these services can be retrieved in the process.

Looking at the numbers provided by Check Point, it is apparent that the majority of infected devices are located in Asia. Europe is the last infected region right now, although there could be multiple reasons why that is the case. Users should not download apps from third-party app stores to ensure that their Google account is secure at all times. A special tool has been developed to check if a device has been infected by this malware or not.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

Leave a Reply