Security research outfit Check Point has revealed a malware campaign that targets users of lower versions of Android like Android Jelly Bean and Lollipop. This new malware is called “ Gooligan ” and it usually infects devices via 3rd party app stores and phishing websites. Once installed, the malware can create quite a bit of trouble – and danger as well – if not discovered after a while.
Check Point says that Gooligan is probably an improvement from other earlier malware versions and emerged late in mid-2016. The security outfit also says that potentially around 1 million devices are infected at this point, and they are mostly using Android 4 (Jelly Bean) and Android 5 (Marshmallow). These earlier versions are vulnerable to the malware due to exploits like V-Root and TowelRoot, and because users have not patched their versions with security patches.
Once the malware is installed, it roots the host device and works to steal authentication tokens of the resident Google account within the Android device. This information is sent to a server, which means whoever has your information will be able to access your Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and all other related Google accounts.