Israeli cyber security firm Check Point announced today that they have uncovered a new malware that they claim succeeded in rooting more than a million devices worldwide, and gaining access to the user?EU?s Google accounts, including their Gmail, Google Drive, and other services linked to the account.
Once the virus reaches the device, the malware campaign in its current form as it emerged in August that they are calling Gooligan, steals the user?EU?s email address and authentication tokens. This then allows the hackers to install various apps, which they then benefit from financially by rating on Google Play in the name of the user. As an added kicker, the virus installs adware for making additional cash off of its victims.
Android devices running Jelly Bean, Kit-Kat, or Lollipop operating systems, which according to Check Point, accounts for some 74% of all users. While the number of those with verified cases of Gooligan had only reached around a million since, it was apparently infecting 13,000 new devices and installing 33,000 apps every day, including a significant number of enterprise accounts.
The malware is reported to have made its way onto users?EU? devices through downloads on third party apps stores, as well as phishing links in emails.
?EU?This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks,?EU? said Michael Shaulov, Check Point?EU?s head of mobile products in the statement that was released by the company. ?EU?We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.?EU?
After discovering the attack, Check Point alerted Google with their findings. In response, the Google team has taken a number of steps to mitigate the damage and prevent the further spread of the Ghost…