Researchers from security firm Check Point have uncovered an Android malware campaign that has compromised over one million Google accounts.
In a Check Point blog post, the researchers said that the malware named Gooligan “roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.”
According to the researchers, the Gooligan malware can be found on over 86 apps available from third-party stores. Devices on Android 4 (Jelly Bean, Kitkat) and 5 (Lollipop) are said to be affected by the malware.
Google has confirmed the presence of the malware but it found no evidence that the malware targets user data access. Instead, Google said that the motivation behind the malware is to cheat Google Play rankings.
The tech giant said that it has rolled out updates to protect users from those apps.
(Photo Source: blog.checkpoint.com)