Beware of Gooligan

Media reports suggest that over a million mobile devices may already have been breached.
If you thought that mobile devices were largely shielded from contamination and manipulation by malware, think again….news from the United States is that Android smartphones have become victim to a powerful new piece of malware called ‘Gooligan’ with over a million devices believed already to have been breached.
The reports warn that the virus is spreading at an alarming rate of 13,000 devices a day, and that it can give criminal or malicious hackers complete access to individual Google accounts.
Experts at security firm Check Point discovered the virus and are working closely with Google in order to eradicate it. The majority of handsets affected are apparently in Asia, but there is concern that it will spread to other regions.
Dave Palmer, Director of Technology at Darktrace said, “Time and again we see that devices and operating systems we hope are secure, are demonstrated not to be. As shown by this latest Google malware attack, criminals can undermine security controls and trick consumers to gain access to their data.
“Although this incident is focused on older phones, in the last few weeks we have seen major issues with the latest operating systems too, making us question whether our devices are getting any safer.”
In the vast majority of cases the Check Point researchers have found that users try and download apps through a third-party app store as an alternative to Google Play. The virus is transmitted within some of the downloaded apps and silently installs itself on the device.
Once on the smartphone, the virus downloads a new rootkit which in effect gives the hacker access to the phone’s Google account.
Researchers report that so far the virus has only been found on smartphones running Android 4 (Jelly Bean, KitKat) and 5 (Lollipop). They therefore advise that Android users download the latest versions of the software, and be wary about using third party download sites.