More Than 2 Million Accounts Compromised By Android Malware

By Victor Thomson , Mar 04, 2017 03:30 AM EST

Security experts at Check Point recently discovered a new Android malware that compromises Google accounts of random users. This malware specifically targets Android devices that run on the Android 5 Lollipop and Android 4 KitKat versions.

New Android Malware Hacking Google User Accounts

According to Yahoo News, the major malware risk on smartphones remains to download a hostile app that runs up your phone bill or tries to compromise your data. In order to avoid such threat, the best advice is to stick to the Google Play Store. Downloading apps from the Web or third-party stores pose security risks.

The risk of malware is dramatically less on Google Play than a third-party app store because all apps on the Play Store are screened. However, the Google Play is not immune from risks. Technowize reported that researchers at Check Point, a cyber security company, discovered a new Android malware variant dubbed Googligan that affects the devices through various Google Play apps. The malware can hack Google accounts of random users.

Googligan is affecting almost 13,000 Android devices daily. Affected Google Play apps steal Google accounts' authentication details that are synced to the device. With this information, the hackers can access the user's data stored in G Suite, Google Play, Google Photos, Google Docs and Gmail.

After scanning all the affected accounts with the Android Security System, the faulty apps were already taken down from the Google Play store. According to Google officials, the malware has not affected personal files of the users.

How The Android Malware Works

The root cause of security breach is a bug present in the development platform of the malicious apps. This malware searches for HTML pages and then introduces infectious content towards the end of such HTML pages. The consequence is that Android malware could hide in the development platform without the developer's knowledge.

The HTML pages are designed to create revenue for the hackers by installing certain apps. They also fraudulently rate the apps on behalf of the user. More than 2 million apps were already installed through this process by the Android malware.

© 2020 ITECHPOST, All rights reserved. Do not reproduce without permission.
Real Time Analytics