Google Accounts Breached by Gooligan

More Than 1 Million Google Accounts Breached by Gooligan

As a result of a lot of hard work done by our security research teams, we revealed today a new and alarming malware campaign. The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day.

Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.

Gooligan potentially affects devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which is over 74% of in-market devices today.

...

You can check if your account is compromised by accessing the following web site that we created: gooligan.checkpoint.com...

Lovely. This one looks very serious.

Take a look at the list of infected apps:

Appendix A: List of fake apps infected by Gooligan

Perfect Cleaner
Demo
WiFi Enhancer
Snake
gla.pev.zvh
Html5 Games
Demm
memory booster
แข่งรถสุดโหด
StopWatch
Clear
ballSmove_004
Flashlight Free
memory booste
Touch Beauty
Demoad
Small Blue Point
Battery Monitor
清理大师
UC Mini
Shadow Crush
Sex Photo
小白点
tub.ajy.ics
Hip Good
Memory Booster
phone booster
SettingService
Wifi Master
Fruit Slots
System Booster
Dircet Browser
FUNNY DROPS
Puzzle Bubble-Pet Paradise
GPS
Light Browser
Clean Master
YouTube Downloader
KXService
Best Wallpapers
Smart Touch
Light Advanced
SmartFolder
youtubeplayer
Beautiful Alarm
PronClub
Detecting instrument
Calculator
GPS Speed
Fast Cleaner
Blue Point
CakeSweety
Pedometer
Compass Lite
Fingerprint unlock
PornClub
com.browser.provider
Assistive Touch
Sex Cademy
OneKeyLock
Wifi Speed Pro
Minibooster
com.so.itouch
com.fabullacop.loudcallernameringtone
Kiss Browser
Weather
Chrono Marker
Slots Mania
Multifunction Flashlight
So Hot
Google
HotH5Games
Swamm Browser
Billiards
TcashDemo
Sexy hot wallpaper
Wifi Accelerate
Simple Calculator
Daily Racing
Talking Tom 3
com.example.ddeo
Test
Hot Photo
QPlay
Virtual
Music Cloud

a reply to: loam

Nice find....wonder how many accounts will end up breached in the end...

a reply to: loam

Thanks for that, I immediately went to check and phew, NOT BREACHED.

a reply to: Arnie123

Me too. Not breached. But wasn't sure. Some of those apps looked familiar.

originally posted by: Arnie123
a reply to: loam

Thanks for that, I immediately went to check and phew, NOT BREACHED.

Same here, but I had trouble proving I'm not a robot.

a reply to: loam

people who make malware should be executed

a reply to: ausername



Me too!!!

I hate, hate, hate, captcha. It gives me a total complex...like there's something wrong with my brain or that maybe I'm really not human after all.

Muahahahaha...

i am deeply suspicious of any of these " check to see if ........................... " sites // services

i will pass on checking my phone

for several reasons

1 - i have security apps running and uptodate definitions from trusted sources

2 - i dont recognise any of the hacked apps listed - and diont download shiite

3 - the addy i use on my phone is my main gmail account - and i avoid giving it to any untrustworthy source and " check to see if ..... " rates in my mind as pure scam bait

a reply to: Arnie123

How do you check?

originally posted by: ignorant_ape
i am deeply suspicious of any of these " check to see if ........................... " sites // services

i will pass on checking my phone

for several reasons

1 - i have security apps running and uptodate definitions from trusted sources

2 - i dont recognise any of the hacked apps listed - and diont download shiite

3 - the addy i use on my phone is my main gmail account - and i avoid giving it to any untrustworthy source and " check to see if ..... " rates in my mind as pure scam bait

My thoughts exactly!

a reply to: loam

Wow - That's a lot of infected apps.

I don't believe I have any of them, but more importantly my Droid Turbo 2 is running Android Marshmallow so it appears that I'm safe.

a reply to: loam

I didn't even know they had apps like Sex Photo, PornClub, etc... I don't have any of the listed apps, thanks for the information though, it's good to know. Glad I don't have any credit card info or personal info linked to my Google account.

a reply to: loam

Also, this is just further proof that we've out-technicalized ourselves once again.

We are so close to the sigularity it's not funny, Google already uses AI for it's search results and machine learning for it's algorithms like penguin and panda.

I don't think it's much of a step before they allow an AI to roam loose on their servers to combat these malware scripts that replicate and activate, its only a matter of time before something out in the wild like that evolves.

Not to mention, it will have access to all our personal data, maybe it will be a good thing and help make wages and jobs more fair, maybe it'll make us all live in a people zoo.

originally posted by: Tranceopticalinclined
We are so close to the sigularity it's not funny, Google already uses AI for it's search results and machine learning for it's algorithms like penguin and panda.

Close?

lol.

AI will go from modifying algorithms to be more efficient, to creating original algorithms, to writing its own programming language, to designing and creating technologies far more advanced than we can imagine.

Then?

originally posted by: loam
You can check if your account is compromised by accessing the following web site that we created: gooligan.checkpoint.com...

OMG!!!
You guys didn't go there and put in your address and push the button!?!?!?!?!?
I guess we'll see what happens...

Checkpoint is an Israeli security company. Checkpoint firewall is/was their product.