Researchers with Check Point Software recently released a report on a new strain of Android malware called Gooligan. This malware has compromised more than a million Google accounts, and is expected to effect at least another 13,000 accounts as users continue to download the infected applications responsible.

Gooligan’s origins have been traced back to an app called SnapPea, which was identified as malware a year ago. Since then, it has popped up in dozens of other seemingly-legitimate apps available for download in third party Android stores, which are popular with users searching for a free alternative to paid apps. As these app stores are not controlled by Google, downloading applications through them is firmly discouraged by Google. Only applications downloaded through the Google Play store are scanned for malware or other issues.

Users who bypass the safeguards offered by Google Play are at risk of dangerous malware infections. Gooligan is especially harmful, as it gains access to a user’s entire Google account. These Gooligan-infected apps can also be downloaded to your devices through phishing scams that forward download links to unsuspecting users through text messages, or other mobile messaging services.

Android MalwareA device that has been infected by Gooligan has the ability to grant hackers access to any data stored in the user’s Google Docs, Google Drive, Google Photos, Gmail, and Google Play accounts. The bulk of the infections occurred in Asia (57%), with the Americas coming in a distant but no less alarming second (19%).

Gooligan is able to do more than just steal private data. The malware can take your account and token authentication information, and use it to install adware that generates revenue for the hacker. It can also use your credentials to install app from Google Play and boost their approval rating – which explains why you will sometimes find truly awful apps in the Google Play store with high ratings.

This is believed to be the biggest Google Account breach to date. Google has been made aware of the situation, and has already taken steps to protect their users and improve the security of the Android system overall. Check Point Software provides a tool that will allow you to find out if your account has been compromised. You can check your account here.

Want to learn more about the steps you can take to keep your devices safe from malware? Contact us at or (415) 294-5250. We’re the IT professionals businesses in San Francisco trust.

Author: Lance Stone, Date: 2016-12-06

On Time Tech is your One Click & Fixed San Francisco Managed IT Services & IT Support Company.

San Francisco IT Support from On Time Tech Allows You Optimum Business Growth

So, your current IT management – whether handled by in-house staff or an outsourced IT management compan[..]

Read More

We’ve Got the “One Click & Fixed” IT Solutions Your California Business Needs

These days, people are looking for convenience in computer support services that don’t waste their time [..]

Read More

The Benefits of Using IT Managed Services 

Discover the many benefits of partnering up with an IT Managed Service Provider. Today, many businesses a[..]

Read More