Google accounts hit with malware — a million and growing
By Prempal Singh
Million Google accounts have been hit by harmful malware, according to a security company.
Check Point said in an article that the attack marketing campaign, known as Gooligan, is expanding to an additional 13, 000 devices a day. It’s malware that infects devices and shoplifts their authentication tokens to breach data from Google Play, Gmail, Google Images, Google Docs, G Suite, Google Drive and other programs.
The malware assault is said to be the largest single theft of Google accounts on record, according to Forbes. Yet the reason behind the assault might not be what you needed to expect. It’s not to grab personal information from the accounts of Google users. Instead, it’s to force them to download applications that are part of the advertising fraud plan which makes up to $320,000 a month, Shaulov, head of mobile and cloud security at Check Point, told Forbes.
Google took care of immediately a request for comment with a hyperlink to its article about the attack. Inside the post, Google said they have found no evidence that Gooligan has accessed consumer data or that specific groups of individuals have recently been targeted. “The motivation… is to promote apps, not steal information, ” Google said.
The episode comes at a period when internet attacks have been a high profile problem, striking everyone from internet leaders to the Democratic Country wide Committee. In September, Google suffered what is thought to be the largest internet attack in history, by which hackers swiped information from more than half a billion accounts. And in July, the White House said it believed Russian federation was behind hacks of the DNC.
Gooligan goes to a family of malware called Ghost Drive. It features a Trojan viruses kind of attack, in which the malicious software poses as legitimate applications for Android smartphones and tablets. Names of the malicious applications include Stopwatch, Perfect Cleaner and Wi-fi Enhancer, according to The Wall Street Journal. When the herbs are installed, these applications automatically set up other apps, some of which can steal email usernames and passwords to post fake reviews.
Those downloading and reviews apparently give food to into the hackers’ advertisement fraud scheme. The cyber-terrorist have run advertisements in those forcibly downloaded applications, so every click or download helps the cyber-terrorist make money, Forbes reported.
Check Point said Gooligan is a variant of an Android malware marketing campaign found by researchers in the SnapPea application previous year.
The Gooligan applications come from third-party application stores or websites, rather than the Google Play store, where the company has more authorization over applications. But Check Point said some applications that Gooligan downloads without permission can be found on the Play store.Google said it has removed those applications from the
Google said it has removed those applications from the Play Store. People who are worried that their Google accounts may be affected can seek advice from the Check Point website.
Source: cnet.com