Privacy & Security

One million Google accounts reportedly hacked through Android malware

The virus first appeared in 2014, but reared its head again in August. It's since created a more sophisticated attack method, which has compromised more than 13,000 devices a day.
By Jessica Davis
November 30, 2016
03:35 PM

More than 1 million Google accounts – including authentication tokens – have been compromised by the Android malware strain known as Gooligan, security firm Check Point reported on Wednesday.

Hackers can use the stolen credentials to gain access to Gmail and Google Photos, Docs, Drive, Play and GSuite. Further, the cybercriminals can generate revenue by installing apps from Google Play and rating the apps on behalf of the user. Hackers also profit from the adware installed by Gooligan.

First spotted in the wild in 2014, this most recent campaign that began in August has infected about 13,000 devices each day by targeting Android 4 and 5 devices. Checkpoint officials estimate that accounts for nearly 74 percent of Android users.

Currently, Gooligan installs 30,000 apps a day on breached devices – or 2 million fraudulent apps since the campaign began.

The researchers also found Gooligan in many legitimate-looking third-party app stores, but users also downloaded the app directly from malicious links found in phishing messages.

Check Point researchers contacted Google's security team with their findings, and the firm is offering a free online tool that lets users determine if their account is part of the breach.

"This theft of over a million Google account details is very alarming and represents the next stage of cyberattacks," said Check Point's Head of Mobile Products, Michael Shaulov, in a statement. "We're seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them."

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues," Google's Director of Android Security, Adrian Ludwig, said in a statement.

"As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall."

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Mobility, Privacy & Security

More regional news

Capitol rotunda at sunset

Congress releases AI policy blueprint

By
Andrea Fox
December 20, 2024
Epic booth at HIMSS global conference

Epic files to dismiss antitrust lawsuit

By
Andrea Fox
December 20, 2024
Representatives of NUS Medicine, Kailuan General Hospital, Tianjin Medical University, and Tianjin Medical University General Hospital pose after signing their MOU

Chinese hospitals join NUS Medicine's big health data project

By
Adam Ang
December 19, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Capitol rotunda at sunset
Congress releases AI policy blueprint

Most Read

Epic asks court to throw out 'baseless' Particle Health lawsuit
CHAI: Look for healthcare AI model 'nutrition labels' soon
New DiMe platform validates digital health software
Aidoc, NVIDIA intro new plan to speed AI adoption in healthcare
Winning cybersecurity warfare is the ultimate millstone for CISOs
A passwordless future for clinicians? Industry paper points to a new paradigm

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

Video

John Saran at Holland & Knight_Modern office buildings in London Photo by Tim Grist Photography/Moment/Getty Images
PE and healthcare investment: What's next for 2025
Sponsored by
Healthcare worker talking to patient
New infusion pumps may help lighten nurses’ workload
Dr Chien-Tzung Chen 4t Linkou Chang Gung Memorial Hospital_HIMSS24 APAC
Linkou Chang Gung Memorial Hospital eyes remote patient monitoring at home
Dan Torrens at eHealth Technologies_Blockchain in healthcare concept Photo by ArtemisDiana/iStock/Getty Images Plus
Getting providers from point A to B

More Stories

Dr. Eric Liederman, CEO of CybersolutionsMD
Q&A: CybersolutionsMD CEO on preventing cyberattacks
Change healthcare booth
Nebraska sues Change Healthcare over ransomware attack
Vijayashree Natarajan of Omega Healthcare on AI
Three for 2025: data security, cancer informatics and agentic AI
Capitol Hill
Congress looks set to extend telehealth and hospital-at-home flexibilities
Josh Di Frances at LG NOVA_Top down view of startup team Photo by NanoStockk/iStock/Getty Images Plus
What a startup pitch competition shows about IT innovation
Ravi Teja Karri of Froedtert Health on AI
Using AI and ML in predictive analytics for bed demand forecasting
Abstract image of AI brain and technology
ASTP updates HHS AI Use Case Inventory for 2024
Female doctor on laptop smiles at patient in foreground who is taking notes
Report shows overwhelming doctor support for virtual care