Android Users Victim to Possibly the Biggest Theft of Google Accounts Yet

A new strain of Android malware has infected a whopping 1.3 million users globally since August, according to security firm Check Point in a blog post statement released this morning.

Spreading at an Alarming Rate

The malware, coined ‘Gooligan’, continues to breach around 13,000 new devices per day.

Most of the infections have occurred in Asia (40%), although there have been reported cases in the America’s and Europe. The malware is believed to be producing up to $320,000 per month.

Check Point and Google have formed a task force to battle the threat, and released a free tool today in order to check if a user’s device has been infected.

How Does It Happen?

The malware embeds itself into the root of an Android device, allowing it to take control and install software or applications that the owner does not download intentionally. The owner could have contracted the malware by visiting third-party developer, porn, or other unsecured websites.

The malware then illegitimately posts five-star ratings and positive reviews on the app’s page using stolen tokens that the user was given in order to authorize their access to the account.

It Isn’t Data They’re After

Surprisingly, the creators of the malware do not intend to steal credit card information, personal data, or other important information held in Google accounts, but rather acts as a tool for advertisement fraud.

No user data has been stolen, according to Google’s Android security chief, Adrian Ludwig, as there has been no evidence of fraudulent activity on infected accounts other than the posting of app reviews.

In his statement, Ludwig said that all affected users have been alerted and had their login tokens reset. They were also provided with guidelines on how to securely login in the future.