1.3 million Google accounts compromised by Gooligan Android bug

The bug formerly known as “Ghost Push” has gotten some new life from some successful hackers. And its name is somewhat ridiculous: Gooligan.

Check Point Software and Google have been tracking down this bug, which spreads through the installation of malicious apps from third-party libraries, and seeing what Gooligan does. Once the app gets downloaded, malware inside the app siphons account credentials, roots your device, sticks in code into your apps and downloads more of them and abuses authentication tokens into your Google accounts for Google Play, Photos, Drive, Docs, Gmail and others.

gooligan-how-it-works

Your compromised account may “pen” fake, five-star reviews for apps on the Google Play Store.

Devices on Jelly Bean, KitKat and Lollipop are at risk with this bug — which is pretty much most of the Android smartphone market out there — and its blast radius of 1.3 million accounts has mostly been in Asia at 57 percent. 19 percent of the affected accounts are from the Americas, 15 percent are from Africa and 9 percent are from Europe. An estimated 13,000 accounts are getting hijacked every day.

info_4_revised_11-23-16

For a complete list of fake apps infected by Gooligan, head to our source link. You can also check to see if your Google account has been compromised at this site.

For its part, Google is tracking down all the fake apps and removing them from the Play Store as well as revoking the authentication tokens of Google accounts that may have been hijacked. It is also contacting internet service providers to take down servers where these Gooligan operations are taking place.

The post 1.3 million Google accounts compromised by Gooligan Android bug appeared first on Pocketnow.

272 million Mail.ru, Yahoo, Outlook, Gmail accounts poached in Russia

We’re in the age of big data breaches and we’re used to them. Target, T-Mobile and now, a bunch of email accounts.A Russian hacker was said to have been able to rack up the names and credentials of more than 272 million email accounts and would be willing to give it all away to those wanted them for just 50 roubles. That’s about $1.Alex Holden, founder and chief information security officer of Hold Security, informed Reuters about the trove. He said that the hacker was prepared to ...

Continue reading »

The post 272 million Mail.ru, Yahoo, Outlook, Gmail accounts poached in Russia appeared first on Pocketnow.

T-Mobile has data breached into — 15 million subscribers affected

We can talk about mobile privacy and security all we want. We can talk about keeping the data on our phones safe, be it that you’re on the side of BlackBerry, Blackphone or whatever else. But you can’t ...

Continue reading »

The post T-Mobile has data breached into — 15 million subscribers affected appeared first on Pocketnow.