More Than 1 Million Google Accounts Breached By Hackers' Android Malware

By Precious Gem de Peralta
Android 4.0
Check Point discovered that hackers are exploiting the security vulnerabilities in Android versions 4 (Jelly Bean, Kit Kat) and 5 (Lollipop) with a new variant of Android malware called Gooligan. Alison Chaiken via Flickr

An app-installing malware has breached more than 1 million Google accounts and infected Android devices. Security firm Check Point has revealed that the malware campaign called "Gooligan" has been compromising 13,000 devices per day.

Check Point discovered that hackers are exploiting the security vulnerabilities in Android versions 4 (Jelly Bean, Kit Kat) and 5 (Lollipop). The firm went as far as to dub it as the "biggest theft of Google accounts". Apparently, the stolen "authentication tokens" are being used by the cyber criminals to access data in the person's account that include Google Play, Gmail, Google Photos, Google Docs, G Suite and Google Drive.

Though the extent of the malware's damage has been discovered, this new variant of Android malware had already been found by Check Point last year in the SnapPea app. The firm assured that they are working "closely with the Google to investigate the source of the Gooligan campaign". Once the affected app has been installed, the malware "collects data about the devices and downloads rootkits". Google pointed out that it does not actually "access any personal emails of files".

According to Forbes, users are forced to download apps "as part of a huge advertising fraud scheme". The ones responsible for this are "making as much as $320,000 a month". It's being used to "boost and app's ranking" and get a huge profit from it. Among the fake apps infected by Gooligan are WiFi Enhancer, WiFi Master, Memory Booster, Clean Master, YouTube Downloader, Slots Mania, Talking Tom 3 and the evidently malicious Sex Photo, PornClub and So Hot.

The above-mentioned versions of Android mobile operating system amount to 74 percent of Android devices currently being used. 40 percent of the Google accounts breached are in Asia, 19 percent in the Americas, 15 percent in Africa and 9 percent in Europe.

Possible victims of the breach can check their Google accounts if it has been compromised by going to gooligan.checkpoint.com. Owners who have infected devices are advised to power off their gadgets. They should bring it to a certified technician or mobile service provider. The Android device has to undergo a "clean installing of an operating system". Once the device has been successfully "re-flashed", the Google account password has to be changed.

According to The Verge, this is not the first time that cybercriminals have used such malware to improve certain apps' ranking and generate revenue from it. Google had removed a "family of apps called Brain Test" last year. Though the tech company actually scans for harmful apps in the Play Store, there are still instances where some of them cannot be detected.

  • ‘Wang Mingdao’s Diary’ reproduction highlights complexities of contemporary Chinese Christianity

    On December 9, the China Graduate School of Theology (中国神学研究院) hosted a public lecture titled “A Courageous Witness in the Times—Launch of Wang Mingdao (王明道)’s Diary.” The lecture, themed “Faith Patterns in Beijing’s Christian Churches Through the Lens of Wang Mingdao’s Diary,” featured Dr. Ni Buxiao (倪步晓), Associate Director and Assistant Professor at the Christian Faith and Chinese Culture Research Center of Alliance Bible Seminary (建道神学院), as the keynote speaker.

  • Floating library ‘Doulos Hope’ arrives in Taiwan; spreading love and hope from a former cruise ship

    Doulos Hope, the international floating book fair ship, has returned to Taiwan and is now docked at Kaohsiung Port, open to the public from December 18, 2024, to January 12, 2025. Originally built in 1991 and renovated in 2022, the ship features over 2,000 books on various topics, including faith, science, and art. It is operated by a diverse crew of 140 volunteers from 25 countries, offering services such as education, healthcare, and community outreach. The ship's mission is to spread hope and

  • Chinese Online School of Theology publishes annual ministry report: Expanding Chinese theological education through new strategies

    In the 2023-2024 academic year, New York-based Chinese Online School of Theology (COST) has seen significant development in expanding its ministry in theological education and mission outreach. They have promoted a series of new events and projects to explore different strategies that expand theological education for Chinese ministers. The following are some highlights from the 2023-2024 annual report:

  • Dr. Fenggang Yang: How foreign forces transformed traditional Chinese legal systems

    In a recent lecture to Chinese Christians, scholar Dr. Fenggang Yang (杨凤岗) gave an in-depth analysis of the historical evolution and contemporary significance of the modern legal system in Chinese society. He explored the tensions and integrations between traditional law and modern rule of law, highlighting the distinctive characteristics of China’s traditional legal system and emphasizing the role of foreign influences in introducing modern legal practices into Chinese society.

Top Stories