Gooligan Attack on Android: Millions of Google Accounts Compromised

Avoid third party app stores!


  1. Tomi Engdahl says:

    “Gooligan” Android Malware Steals Authentication Tokens to Hack User Accounts

    “Gooligan” Android Malware Steals Authentication Tokens to Compromise More Than 1 Million Google User Accounts

    Researchers from Check Point Software Technologies shared details on Wednesday of new Android malware that has compromised more than a million Google Accounts.

    Dubbed Gooligan by the security firm, the malware targets devices running Android 4 and 5, which represent nearly 74 percent of Android devices currently in use.

    According to Check Point, the mobile malware can steal authentication tokens stored on devices which can be used to access sensitive data from Gmail, Google Photos, Google Docs and other services, including G Suite.

    Check Point’s research team originally discovered Gooligan’s code in a malicious app called SnapPea last year. They discovered a new variant in August 2016 which they say is infecting 13,000 Android devices per day, with approximately 57 percent of infected devices located in Asia and about nine percent in Europe.

    “The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages,” Check Point explained in a blog post.

    After gaining control over the Android device, the cybercriminals behind Gooligan make money by fraudulently installing apps from Google Play and rating them on behalf of the victim, Check Point said. Gooligan installs at least 30,000 apps daily on compromised devices, totaling more than 2 million apps since the campaign first kicked off.

    “If your account has been breached, a clean installation of an operating system on your mobile device is required.”

    Check Point Press Releases
    More Than 1 Million Google Accounts Breached by Gooligan, New Android Malware Variant
    Check Point reveals a major Google security breach, caused by a new Android malware variant that infects over 13,000 devices every day


Leave a Comment

Your email address will not be published. Required fields are marked *