More than 1 million phones infected in Google cyber attack
Friday, December 2, 2016/
One of the largest breaches ever of Google accounts was uncovered on Wednesday, with cyber criminals reportedly infecting more than one million Android phones worldwide, stealing credentials and installing malicious software.
Uncovered by security software company Check Point, the attack is dubbed “Gooligan” and continues to infect over 13,000 phones every day.
The company believes the breach to be the largest Google account breach to date.
The malware comes from third-party applications installed outside of Google’s Play Store, and only affects phones running on version four and version five of the Android operating system.
The current version of Android is version seven, but due to many manufacturers’ sluggish update schedules, about 74% of Android users are still operating on those older versions.
Once installed, the malware uses an exploit only found in older Android versions, allowing the malicious applications to grant full access to all the phone’s functions, commonly known as “root access”.
Once root access is granted, the malware can then access all functions of the user’s Google accounts, including Gmail, Google Docs, Google Photos, and Google Drive.
Check Point notes that “hundreds” of the compromised accounts are associated with enterprise accounts.
Alongside gaining this access, the malicious software downloads apps and fraudulently reviews them, gaining revenue from ad services that pay for app reviews.
The device is also infected with “adware”, which displays unwanted advertising to the user, again generating revenue.
Check Point alerted Google to the issue, which responded by removing fraudulently reviewed apps from the Google Play Store, and protecting Google accounts that were compromised.
It is believed that Gooligan is a form of Ghost Push malware—malicious software that Google has been working to eradicate for over two years.
“We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security in a statement to Check Point.
“As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”
Check Point detected 57% of breaches to have occurred in the Asia region, with 19% occurring in the US.
Users can check if their Google account is compromised by using Check Point’s tool here.
Review your cyber security
Android users are advised to steer clear of apps that are not available in the Google Play Store, and to be wary of suspicious looking links.
And it’s another reminder to SMEs to be vigilant when it comes to cyber security, even for things as simple as updating old and outdated passwords.
In June this year, Facebook founder Mark Zuckerberg had his Twitter account compromised, and it was revealed that his password was “dadada”.
At the time, cyber security expert Michael McKinnon told SmartCompany passwords should be at minimum 12 characters in length, have uppercase and lowercase letters, and include at least one digit and symbol.
“If you can stick to these rules, you’re virtually uncrackable,” McKinnon said.
“Ideally you want a 50-character string of random numbers and letters, but we’re all human and remembering that would be hard.”
This article was originally published on SmartCompany.
A cultural war: What Hayne's report means for fintechs, accountants and small-business lending Charlotte Petris Timelio founder
In a perfect world: Canva's Melanie Perkins dreams about the future of Australian startups Melanie Perkins Canva co-founder
Swipe right for (data) validation: What dating apps can teach us about data security Leah Callon-Butler intimate.io co-founder
How do Australian startups tap into the $140 billion of dry powder sitting in the US? Andrea Kowalski Bailador partner
No silver bullet: Four steps to find the perfect sales and marketing channel for your startup Vinne Schifferstein Vidal Botown founder
Buzinga to Appster: An insider's theory on why the app giants keep falling Joseph Russell DreamWalk Apps co-founder
Got brand goals? The four most marketable sports of 2019 Andrew Montesi Pickstar head of marketing
What founders can do now to prepare for a possible 2019 recession Les Szekely EVP co-founder