If you own an Android smartphone, Beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day.
Dubbed Gooligan, the malware roots inclined Android gadgets to thieve e-mail addresses and authentication tokens stored on them.
With this facts in arms, the attackers are able to hijack your Google account and access your sensitive records from Google apps which includes Gmail, Google images, Google doctors, Google Play, Google pressure, and G Suite.
Researchers located lines of Gooligan code in dozens of valid-searching Android apps on third-celebration app stores, which if downloaded and installed by means of an Android user, malware starts sending your tool’s facts and stolen data to its Command and manage (C&C) server.
"Gooligan then downloads a rootkit from the C&C server that takes gain of more than one Android four and five exploits such as the famous ROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153)," researchers stated in a blog post.
"If rooting is a success, the attacker has full manipulate of the device and may execute privileged instructions remotely."
In step with CheckPoint safety researchers, who exposed the malware, everyone going for walks an older version of the Android working system, which includes Android 4.x (Jelly Bean, KitKat) and five.x, (Lollipop) is maximum at hazard, which represents almost seventy-four% of Android gadgets in use these days.
"These exploits still plague many devices these days due to the fact protection patches that restoration them may not be to be had for some versions of Android, or the patches had been never set up by means of the user," researchers introduced.
As soon as hack into any Android tool, Gooligan also generates sales for the cyber criminals by means of fraudulently shopping for and putting in apps from Google Play save and score them and writing evaluations on behalf of the smartphone's proprietor.The malware also installs adware to generate sales.
How to check if your Google account has been compromised with this malware?
Check Point has published an online tool to check if your Android device has been infected with the Gooligan malware.
Just open ‘Gooligan Checker’ and enter your Google email address to find out if you've been hacked.
If you found yourself infected, Adrian Ludwig, Google's director of Android security, has recommended you to run a clean installation of the operating system on your Android device.
This process is called 'Flashing,' which is quite a complicated process. So, the company recommends you to power off your device and approach a certified technician or your mobile service provider in order to re-flash your device.