Android users that haven’t updated the operating system, beware: malware is infecting 13,000 devices every day, putting over 1 million Google users at risk.
Tech Insider reported today that the software company Check Point has discovered “Gooligan”, a new malware that is infecting Android phones and stealing email addresses. According to Google, the malware comes from a larger family called ‘Ghost Push’, a “collection of 'Potentially Harmful Apps' (PHAs) that generally fall into the category of 'hostile downloaders.' These apps are most often downloaded outside of Google Play and after they are installed, Ghost Push apps try to download other apps.”
According to Tech Insider “Users who download Gooligan-infected apps or click links in phishing messages are being exposed to the malware, which allows attackers to access sensitive information from Google apps like Gmail, Drive, and Photos.”
Once attackers hack into the device “they're buying apps on the Google Play store and writing reviews posing as the phone's owner,” says Check Point. The security firm also adds that anyone who owns a device running Android 4 and 5 — that includes Android Jelly Bean, KitKat, and Lollipop — is most at risk. Unfortunately, those devices make up nearly 75% of Android users.
Google’s director of Android security Adrian Ludwig wrote in a Google+ post about the attack "We’ve taken many actions to protect our users and improve the security of the Android ecosystem overall. These include: revoking affected users’ Google Account tokens, providing them with clear instructions to sign back in securely, removing apps related to this issue from affected devices, deploying enduring Verify Apps improvements to protect users from these apps in the future and collaborating with ISPs to eliminate this malware altogether."
So far, it seems that there is no evidence of user data access, but it is imperative that those who haven’t updated their operating systems do so immediately (those with up-to-date security patches were not affected.) Unlike Public Clouds or SaaS platforms, the Abacus Private Cloud is built exclusively to run your business technology in a fully integrated, secured, and managed environment that protects against these types of threats.
While we love Google products, we don’t integrate with its suite of applications. Instead, our Abacus Private Cloud is a compliance ready, fully managed Desktop-as-a-Service (DaaS) workplace with built-in multi-tiered security seamlessly designed and engineered to safeguard companies against cyber threats.