1.3 million Google accounts hit by Gooligan Android bug

1.3 million Google accounts hit by Gooligan Android bug
A number of malicious apps have been downloaded by Android users allowing the malware inside them to wreak havoc with as many as 1.3 million Google accounts. The malware collects data from the phone it has infected, and inserts a rootkit. Once the phone is rooted, email accounts are stolen and code is inserted into the phone's apps forcing more malicious apps to be installed.

The hackers are given access to a user's Google Photos, Google Play, Google Docs and Gmail accounts. Those with a newer Google model (Marshmallow, Nougat) are lucky enough to have missed this terror. Those vulnerable have the Android Jelly Bean, KitKat and Lollipop builds loaded on their phone. Of the 1.3 million Google accounts estimated to be affected, 57% are located in Asia, 19% are in the Americas, 15% in Africa and 9% are in Europe. 

You can check to see if your Android phone has been compromised by clicking on the sourcelink and typing in your email address. For its part, Google has been removing the malicious apps from the Google Play Store. 13,000 Google accounts are said to be getting affected daily. If your phone is affected, you will have to have Android re-flashed on the unit and all of your passwords must be changed.


1.3 million Google accounts hit by Gooligan Android bug
PhoneArena is on Instagram. Follow us to stay updated with fresh news and flashy media from the world of mobile!


source:  CheckPoint via 9to5Google

FEATURED VIDEO

28 Comments

1. xondk

Posts: 1904; Member since: Mar 25, 2014

Title seems rather click bait... Since it, again, requires you to install third party...

2. Finalflash

Posts: 4062; Member since: Jul 23, 2013

Honestly, that is pretty much the only way someone gets infected and that is all anyone hears about. They just conveniently forgot to mention that but at least it says it upfront on the infographics.

10. Mxyzptlk unregistered

Why do you insist on denying that a problem exists? This is serious news.

12. Nine1Sickness

Posts: 896; Member since: Jan 30, 2011

Malware associated with Android isn't a big deal. The bad guys aren't doing anything more with Android users information that Google isn't already doing with it. They give all their information, photos, emails, searches, etc to Google without even thinking about it. Might as well give it all to the hackers.

14. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

What a clueless reply! What makes you thinks Apple and Microsoft are not doing the same thing with your information. They all have the same T&C as Google so in which universal would you trust your beloved company completely. I don't, not even Google. My important data are all encrypted with another trusted open source tool. https://play.google.com/store/apps/details?id=com.paranoiaworks.unicus.android.sse&hl=en As for hacker gaining access to your account could easily be prevented with Google's 2-Step Verification. I have already enable this feature awhile back and if you care about security you would too! https://www.google.com/landing/2step/

22. Leo_MC

Posts: 6388; Member since: Dec 02, 2011

I have read the terms of every service I use and the only one that gets access to the user info, stores and shares them as it sees fit is Google. MS access is limited and Apple is doing the best it can so that not even it can access the user data and the data it gets (browsing history, apps installed etc) can't be traced to the user but to a individual encrypted code. So there are companies that care about the user's privacy, but Google is not one of them...

25. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

i like to be educated, please point out their differences with links and paragraphes. I am not against any companies or their services as long as it serve my purposes. I willing to pay if they can guarantee my privacy.

26. Leo_MC

Posts: 6388; Member since: Dec 02, 2011

That would be my pleasure, but that will cost you 10.000€; let me know when are willing to pay me that sum of money and I will be preparing the material as soon as I see it in my account.

29. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

I did some research. You past comments tell me that you are a just an apple fan so no thank. I am happy with Google and Microsoft products and services. They offer what I want and need without the extra restriction and apple tax would have impose.

30. Leo_MC

Posts: 6388; Member since: Dec 02, 2011

I am an Apple user and I have good reasons to use it's products. I am also using Google and Microsoft services so I will never criticize your or anyone's choice, but my personal set of skills made me inform myself about the privacy issues, I read the terms of the services and I am sharing my knowledge with the public. I don't give a f**k if you switch to some other platform or not, if you see me as a biased fan or not, I'm just stating facts and facts are: Apple's ecosystem protects the user's personal info while in Google's there is a totally different approach.

31. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

I understand. Apple sell good devices and offer their users a solid ecosystem. I was a full fledge apple user preferring Mac over Windows. That's was in the past, i now keep them at an arm length because i find their business tactic to be out of alignment with my own interests. Enjoy your apple devices.

13. yoghibawono

Posts: 240; Member since: May 04, 2016

In other views; big bugs/security but the users are the one welcomng the bugs for ticking 'installing from unknown sources". Sad thing is some closed sourced exclusive OS still buggy and have security issues even without permitting third party apps being installed directly.

6. RebelwithoutaClue

Posts: 5485; Member since: Apr 05, 2013

Not only that, even installing from external sources, Google play services checks the installation file and recognises this one. So to be infected, one would opt-in on third party install AND either disable Google scanning or disable the Google play services. Or of course own a Android smartphone that doesn't have gapps at all. In the end, it's a storm in a teacup.

5. sissy246

Posts: 6959; Member since: Mar 04, 2015

Pretty simple, don't download third-party apps.

11. MrElectrifyer

Posts: 3960; Member since: Oct 21, 2014

It's harder than that, you'll have to enable app side loading, disable Google's automatic app scanning, then download that 3rd party app...

24. ibend

Posts: 6747; Member since: Sep 30, 2014

and root that device... and give root permission to that random application.... damn... why is it so hard just to get this one bug:-/ can't they make something simplier to do? like playing a video or visit a website to freeze your phone? :-/

9. HildyJ

Posts: 332; Member since: Aug 11, 2012

It's infecting 13,000 obsolete phones owned by gullible people each day. Meanwhile, about 1,500,000 Android phones which are immune to the attack are sold each day. Next we'll learn that giving your bank account information to someone who promises to transfer millions into it is a bad idea.

18. RoboticEngi

Posts: 1251; Member since: Dec 03, 2014

It is so funny. Iphonearena are trying so hard to get android down, but you just can't even though you write article after article saying android is full of mallard and virus. While praising IOS and apple....it's amazing a website can be so biased....

19. kiko007

Posts: 7469; Member since: Feb 17, 2016

...........What?

20. patrioticwarrior

Posts: 134; Member since: Nov 09, 2016

What can you expect from apple presstitute.

27. Ren_Gonzalez

Posts: 59; Member since: Nov 29, 2016

I hope my LG G3 was not affected by the bug. And unfortunately, my phone runs on Lolipop.

* Some comments have been hidden, because they don't meet the discussions rules.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.