More than 1 million Google accounts were breached, enabling malware users to steal Google users’ passwords and bloat recommendations, among other things, according to a report by MediaPost. The report says security researchers at Check Point Software Technologies uncovered a new variant of Android malware that’s responsible for the breach.
“Gooligan — the name of the malware campaign — roots itself in Android devices and steals email address and stored authentication tokens, which Google has been using for years to help protect users,” MediaPost reports. “Through the code, attackers can access sensitive data of users from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.”
The researchers warned: “If rooting is successful, the attacker has full control of the device and can execute privileged commands remotely.”
MediaPost adds: “Researchers claim that through the hundreds of email addresses associated with enterprise accounts worldwide, Gooligan has infected more than 13,000 devices each day and is the first to root more than a million devices — and each day the malware installs at least 30,000 apps on breached devices or more than 2 million apps since the campaign began, per researchers. The malware is used to puff up reviews on apps, so that users will download them to spread the virus.”