News

Actions

Over 1M Google accounts infected by hackers in ‘Gooligan’ attack

Posted at 9:16 PM, Nov 30, 2016
and last updated 2016-11-30 22:22:42-05

NEW YORK – Once again, hackers are showing why you should never, ever download apps outside official app stores.

Hackers have gained access to more than 1.3 million Google accounts — emails, photos, documents and more — by infecting Android phones through illegitimate apps.

That discovery comes from computer researchers at Check Point, a cybersecurity firm. On Wednesday, Google confirmed to CNNMoney the nature and extent of the problem.

The hackers have managed to steal digital “tokens” that give them access to Google services, like a person’s email and photo collection. But according to Google, hackers have not yet tapped that information and stolen it.

The massive hack appears to be a criminal enrichment scheme.

Infected Android smartphones begin to install other, legitimate Android apps — then rate them highly. This fraudulently inflates their reputation, according to Check Point researchers.

Google has already removed the legitimate apps from its official store that have benefited from this ratings conspiracy, according to a blog post by Adrian Ludwig, the company’s director of Android security.

The malware also installs malicious advertising software that tracks users, a potential boon for data-hungry marketers.

Google says it has blocked 150,000 versions of this kind of nasty cyberattack.

But the problem persists. Another 13,000 devices are getting infected and breached daily, according to Check Point researchers who have been tracking this type of cyberattack since last year. They’ve nicknamed the hacking campaign “Gooligan.”

Check Point has set up a website — Gooligan.CheckPoint.com — for people to check if their devices have been hacked. (It requires you to enter your Google email address, gives you a response, and offers the company’s “ZoneAlarm” product.)

Alternatively, Android users could check to see if they have downloaded illegitimate versions of any of the apps listed at the bottom of this article.

Smartphone owners are advised to only download certified computer programs from official repositories. Google has its Google Play store. Apple has its App Store.

But some people insist on visiting unofficial app stores — typically on shady websites — because they offer free, counterfeit versions of popular apps.

“Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zuk Avraham, the founder of another cybersecurity firm, Zimperium.

On Tuesday, Google stressed that users should avoid downloading outside of Google Play.

According to Check Point, here’s the list of potentially infected apps:

Perfect Cleaner
Demo
WiFi Enhancer
Snake
gla.pev.zvh
Html5 Games
Demm
memory booster
แข่งรถสุดโหด
StopWatch
Clear
ballSmove_004
Flashlight Free
memory booste
Touch Beauty
Demoad
Small Blue Point
Battery Monitor
清理大师
UC Mini
Shadow Crush
Sex Photo
小白点
tub.ajy.ics
Hip Good
Memory Booster
phone booster
SettingService
Wifi Master
Fruit Slots
System Booster
Dircet Browser
FUNNY DROPS
Puzzle Bubble-Pet Paradise
GPS
Light Browser
Clean Master
YouTube Downloader
KXService
Best Wallpapers
Smart Touch
Light Advanced
SmartFolder
youtubeplayer
Beautiful Alarm
PronClub
Detecting instrument
Calculator
GPS Speed
Fast Cleaner
Blue Point
CakeSweety
Pedometer
Compass Lite
Fingerprint unlock
PornClub
com.browser.provider
Assistive Touch
Sex Cademy
OneKeyLock
Wifi Speed Pro
Minibooster
com.so.itouch
com.fabullacop.loudcallernameringtone
Kiss Browser
Weather
Chrono Marker
Slots Mania
Multifunction Flashlight
So Hot
Google
HotH5Games
Swamm Browser
Billiards
TcashDemo
Sexy hot wallpaper
Wifi Accelerate
Simple Calculator
Daily Racing
Talking Tom 3
com.example.ddeo
Test
Hot Photo
QPlay
Virtual
Music Cloud