Since August this year, researchers say that most of the million Google accounts breached by malware infections dubbed “Gooligan” are based in Asia and hence the region has become the ground zero for malware which is aimed at Android operating systems.
Researchers from Check Point Software Technologies said that the new malware is able to steal information from Gmail, Google Photos, Google Docs, Google Play, Google Drive and G Suite after the virus manages to get into an android operating system run mobile device by burrowing in the devices.
By installing apps from Google Play on infected phones, hackers and attackers can also generate revenue.
When users accidentally click on malicious links in phishing attacks or after a user downloads and installs a “Gooligan”-infected app on third-party app stores, their devices tend to get infected by the malware. A rootkit, which enables the attacker to gain control of the mobile device, is downloaded from the host device after the infected app is installed and after it sends data about the device to the malware’s main server.
“This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,” Michael Shaulov, Check Point’s head of mobile products. said.
“We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.”
Despite the media reports about the malware, Google did not immediately respond to a request for comment.
While just 9 percent of the affected devices are in Europe, a majority, about 57 percent of the affected devices are found in Asia. On the other hand, about 19 percent of the infected devices are in the Americas and another 15 percent of breached devices are in Africa.
“The malware is more dominant in the older version of Android, namely 4 and 5. Though we can’t say for sure why, some sources say the older Android versions are still pretty prevalent in Asia,” Steve McWhirter, vice president of Asia, Middle East and Africa at Check Point Software Technologies, told the media.
As pf present, market data shows that earlier operating systems Android 4.1 Jelly Bean, Android 4.4 KitKat and the Android 5.0 Lollipop together make up about 74 percent of the operating systems in devices in the market and the new malware has a tendency to mostly and easily target mobile devices running on these earlier operating systems.
Check Point Software Technologies said that a process called “flashing,” which can be done by mobile service providers or a certified technician, will be needed to be gone through by the android device users who suspect their account might have been hacked. Google account passwords should be changed immediately after “flashin”, The Check Point Software Technologies added.
(Adapted from CNBC)