Israeli cyber-security firm Check Point has revealed that more than 1 million Google accounts were hacked in recent months, with 13,000 Android smartphones and other mobile devices infected every day.
Considered one of the largest security breaches in history, the “Gooligan” virus breaks into Google services such as Gmail, Google Photos, Google Drive and more, gaining access to emails, files and photos.
Get our weekly highlights directly in your inbox!Sign up
“The theft of 1 million Google account details is very alarming, and represents the next stage of cyber-attacks”
Check Point Software Technologies says the new malware, named Gooligan, roots Android devices and steals email addresses and authentication tokens stored on them. With this information, attackers can access users’ sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive and G Suite (the company’s solution for enterprises).
“This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,” Michael Shaulov, Check Point’s head of mobile products, said in a statement. “We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.”
Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 percent of Android devices in use today. The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages.
“After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim,” Check Point says.
Every day, Gooligan installs at least 30,000 apps on breached devices – or, more than 2 million apps since the malware was first traced a couple of months ago.
Check Point has reached out to the Google security team with information on this malware. According to Check Point and Google, Google has already taken steps to protect users, and improve the security of the Android ecosystem.
Of the infected Android devices, 57 percent are located in Asia, 19 percent in the Americas, 15 percent in Africa, and about 9 percent in Europe. Hundreds of the exposed email addresses are associated with enterprises around the world.
Founded in 1993 by Gil Schwed, Marius Nacht and Shlomo Kramer, Check Point went public in 1996. Its current market cap is $14.4 billion, and it shares trade for $83.
Considered one of the world’s leading cyber-security companies, Check Point provides solutions that protect customers from cyber-attacks, including malware and other types of threats. Check Point protects over 100,000 organizations around the globe.
To check whether your Google account has been breached, visit this free online tool, and plug in your email address. If your account has been hacked, a clean installation of an operating system on your mobile device is required. Says Shaulov: “This complex process is called flashing, and we recommend powering off your device, and approaching a certified technician or your mobile service provider, to re-flash your device.”
Photos and infographics: Courtesy