1.3 million Google accounts hit by Gooligan Android bug

1.3 million Google accounts hit by Gooligan Android bug
A number of malicious apps have been downloaded by Android users allowing the malware inside them to wreak havoc with as many as 1.3 million Google accounts. The malware collects data from the phone it has infected, and inserts a rootkit. Once the phone is rooted, email accounts are stolen and code is inserted into the phone's apps forcing more malicious apps to be installed.

The hackers are given access to a user's Google Photos, Google Play, Google Docs and Gmail accounts. Those with a newer Google model (Marshmallow, Nougat) are lucky enough to have missed this terror. Those vulnerable have the Android Jelly Bean, KitKat and Lollipop builds loaded on their phone. Of the 1.3 million Google accounts estimated to be affected, 57% are located in Asia, 19% are in the Americas, 15% in Africa and 9% are in Europe. 

You can check to see if your Android phone has been compromised by clicking on the sourcelink and typing in your email address. For its part, Google has been removing the malicious apps from the Google Play Store. 13,000 Google accounts are said to be getting affected daily. If your phone is affected, you will have to have Android re-flashed on the unit and all of your passwords must be changed.

PhoneArena is on Instagram. Follow us to stay updated with fresh news and flashy media from the world of mobile!

source:  CheckPoint via 9to5Google



1. xondk

Posts: 1904; Member since: Mar 25, 2014

Title seems rather click bait... Since it, again, requires you to install third party...

2. Finalflash

Posts: 4063; Member since: Jul 23, 2013

Honestly, that is pretty much the only way someone gets infected and that is all anyone hears about. They just conveniently forgot to mention that but at least it says it upfront on the infographics.

10. Mxyzptlk unregistered

Why do you insist on denying that a problem exists? This is serious news.

12. Nine1Sickness

Posts: 896; Member since: Jan 30, 2011

Malware associated with Android isn't a big deal. The bad guys aren't doing anything more with Android users information that Google isn't already doing with it. They give all their information, photos, emails, searches, etc to Google without even thinking about it. Might as well give it all to the hackers.

14. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

What a clueless reply! What makes you thinks Apple and Microsoft are not doing the same thing with your information. They all have the same T&C as Google so in which universal would you trust your beloved company completely. I don't, not even Google. My important data are all encrypted with another trusted open source tool. https://play.google.com/store/apps/details?id=com.paranoiaworks.unicus.android.sse&hl=en As for hacker gaining access to your account could easily be prevented with Google's 2-Step Verification. I have already enable this feature awhile back and if you care about security you would too! https://www.google.com/landing/2step/

13. yoghibawono

Posts: 240; Member since: May 04, 2016

In other views; big bugs/security but the users are the one welcomng the bugs for ticking 'installing from unknown sources". Sad thing is some closed sourced exclusive OS still buggy and have security issues even without permitting third party apps being installed directly.

6. RebelwithoutaClue unregistered

Not only that, even installing from external sources, Google play services checks the installation file and recognises this one. So to be infected, one would opt-in on third party install AND either disable Google scanning or disable the Google play services. Or of course own a Android smartphone that doesn't have gapps at all. In the end, it's a storm in a teacup.

5. sissy246

Posts: 7129; Member since: Mar 04, 2015

Pretty simple, don't download third-party apps.

11. MrElectrifyer

Posts: 3960; Member since: Oct 21, 2014

It's harder than that, you'll have to enable app side loading, disable Google's automatic app scanning, then download that 3rd party app...

24. ibend

Posts: 6747; Member since: Sep 30, 2014

and root that device... and give root permission to that random application.... damn... why is it so hard just to get this one bug:-/ can't they make something simplier to do? like playing a video or visit a website to freeze your phone? :-/

9. HildyJ

Posts: 344; Member since: Aug 11, 2012

It's infecting 13,000 obsolete phones owned by gullible people each day. Meanwhile, about 1,500,000 Android phones which are immune to the attack are sold each day. Next we'll learn that giving your bank account information to someone who promises to transfer millions into it is a bad idea.

18. RoboticEngi

Posts: 1251; Member since: Dec 03, 2014

It is so funny. Iphonearena are trying so hard to get android down, but you just can't even though you write article after article saying android is full of mallard and virus. While praising IOS and apple....it's amazing a website can be so biased....

19. kiko007

Posts: 7521; Member since: Feb 17, 2016


20. patrioticwarrior

Posts: 134; Member since: Nov 09, 2016

What can you expect from apple presstitute.

27. Ren_Gonzalez

Posts: 59; Member since: Nov 29, 2016

I hope my LG G3 was not affected by the bug. And unfortunately, my phone runs on Lolipop.

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless