A new strain of Android malware has managed to steal access to more than 1 million Google accounts, and it continues to infect new devices, according to security firm Check Point.
The malware, called Gooligan, has been preying on devices running older versions of Android, from 4.1 to 5.1, which are still used widely, especially in Asia. Gooligan masquerades as legitimate-looking Android apps. Check Point has found 86 titles, many of which are offered on third-party app stores, that contain the malicious code.
The attacks can steal email addresses and authentication data stored on the devices to access sensitive data from Gmail, Google Photos, Google Docs and other services, Check Point said.
The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or clicks on a malicious link in a phishing message. Gooligan then attempts to root the device to gain full control. The malware does this by exploiting well-known vulnerabilities in older versions of Android.
Security experts also caution that users should avoid downloading apps from third-party app stores, because these stores often do little to verify that the apps they offer are safe to use.
The creators of Gooligan are also spreading the malware by sending unsuspecting victims SMS text messages containing links to download apps carrying the harmful code.