Check out if your Google account has been hacked by a Gooligan Android malware

Malicious software designed to attack Android smartphones has breached the accounts of more than a million Google users, security researchers have revealed.

The report by Check Point Software Technologies said the malware dubbed Gooligan targets devices running Android 4.0 and 5.0, which represent nearly 74 percent of mobile devices using the Google-powered operating system. The attacks can steal email addresses and authentication data stored on the devices to access sensitive data from Gmail, Google Photos, Google Docs and other services, Check Point said. It has also be found to force users into downloading apps as part of a huge advertising fraud scheme.


‘This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,’ said Michael Shaulov, Check Point’s head of mobile products. ‘We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.’
Check Point said researchers discovered Gooligan’s code in an application last year and that a new variant appeared in August 2016, affecting some 13,000 devices per day.

About 57 percent of those devices are located in Asia and about nine percent are in Europe.

Attackers can gain control over the device and generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim. ‘We found traces of the Gooligan malware code in dozens of legitimate-looking apps on third-party Android app stores. ‘These stores are an attractive alternative to Google Play because many of their apps are free, or offer free versions of paid apps. ‘However, the security of these stores and the apps they sell aren’t always verified.’

Gooligan-infected apps can also be installed using phishing scams where attackers broadcast links to infected apps to unsuspecting users via SMS or other messaging services, researchers found.

source and more info avaliable here