More Than 1M Google Accounts Breached by Malware

[HardOCP News]

While malware affecting more than a million Google accounts is bad, I have to admit that the "Gooligan" name is kinda clever. This infographic shows you how Gooligan works:

As a result of a lot of hard work done by our security research teams, we revealed today a new and alarming malware campaign. The attack campaign, named Gooligan, breached the security of over one million Google accounts. The number continues to rise at an additional 13,000 breached devices each day. Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.

 

[Rahh]

Ouch! Let's hope it is as small as they say. Lately, reports like this ended up being far bigger.

 

[rat]

"User installs malware from a third party app store."

All you need to know. Don't install pirated apps from sketchy sites.

Done.

 

[azuza001]

Holy hell gates batman, that's a complex and apparently very successful scam/maleware system. I have seen a lot of people come into work with a lot of those programs on their phones too and am always told the same thing "I don't know whats needed or not, I don't know how those got there, but my phone is slow fix it".

Not it makes more sense.

 

[Accursed]

It Roots your device?! w00t!! I've been wanting to root my device....

 

[Armenius]

"User installs malware from a third party app store."

All you need to know. Don't install pirated apps from sketchy sites.

Done.

So, as is usual with this kind of stuff, we have a PEBKAC situation on our hands.

 

[DocSavage]

"User installs malware from a third party app store."

All you need to know. Don't install pirated apps from sketchy sites.

Done.

This reminds me of all the virus infected machines I've come across where the root infection is from trying to download free music. Way to ruin your several hundred dollar device trying to save a tenth that.

 

[amddragonpc]

Appendix A lists Google as one of the affected apps. Oh well, there goes the neighborhood. (Now where is that old Nokia cell phone I used long time ago. (Searching ...) )

 

[DocSavage]

"User installs malware from a third party app store."

All you need to know. Don't install pirated apps from sketchy sites.

Done.

Not only that, but a lot of people are proud of rooting their phones, and I doubt more than 0.01% check the code they're installing from these sites.

 

[Rustynuts]

What if the gooligan checkpoint website actually installs gooligan?

 

[serious]

"User installs malware from a third party app store."

All you need to know. Don't install pirated apps from sketchy sites.

Done.

I don't think any app from 3rd party app stores can infect 1 million device in 4 months.

 

[Wrecked Em]

It would be funny if the 3rd party app store was Amazon.

 

[IcePickFreak]

I can't wait for the IoT to catch-up so I can read about people getting ransomware on their refrigerator at dinner time, blenders going off at 3am, ect. These are exciting times we live in!

 

[thesmokingman]

It roots the device? Can it root US S7?

 

[dgz]

Google accounts === devices now? I get what they're trying to say but come the fuck on.

 

[N4CR]

this is why if forced I use a throwaway account and have nothing else to do with gshit services.

 

[thejokker]

A couple years ago I got into an online argument with a guy who maintained that Android was going to replace Windows because it was immune to security threats by design...

 

[jardows]

How did this happen? Did Microsoft reveal to the hacking community a security hole in Google's systems?

 

[DocSavage]

A couple years ago I got into an online argument with a guy who maintained that Android was going to replace Windows because it was immune to security threats by design...

Oh how naive we were...

 

[DocSavage]

How did this happen? Did Microsoft reveal to the hacking community a security hole in Google's systems?

I feel like the hackers are really stepping up their game on every front. I'm sure there are databases in at least Russia and China that have peoples' identities and all known accounts with passwords and security questions. A coworker here got tricked into typing her work email address and password on a webserver that looked like google's, and the hackers not only got into her work email, they also got into her personal yahoo account with the same password around the same timeframe.

 

[zomby]

what's the purpose of the attacker, why do it? is it for fun, for money, for madness! why?
leave innocent people account alone. There is lots of school (children) using the google product for their school emails and homework, don't mess with it.

 

[DocSavage]

what's the purpose of the attacker, why do it? is it for fun, for money, for madness! why?
leave innocent people account alone. There is lots of school (children) using the google product for their school emails and homework, don't mess with it.

The decent people do leave everyone else alone. The hackers are pretty much sociopaths.

 

[Makaveli@BETA]

thankfully I don't have a gmail account or use any of googles systems!

other than web search!

 

[trparky]

I hate to say I told you so but I did. This shit happened because the Android OEMs refuse to push out security updates as fast as they should be. Where's the outcry against the Android OEMs to be doing their damn jobs? I'm listening but I don't hear it. I've been saying this for the past three years, I was predicting this exact kind of scenario. It was not a matter of if, it was a matter of when. I called it.

You wouldn't run an old version of Firefox, Adobe Flash, or God forbid run your Windows machine without the latest Windows Updates. Oh no, that would be like playing the digital equivalent of Russian Roulette. But when it comes to Android devices we seem to give the Android OEMs and Google themselves a complete pass and act like they've done no wrong. Bullshit! Google and their OEM partners fucked up and fucked up hard. All they care about is money, money, and more money. Oh crap, we need to hit next quarter's numbers so we're not going to care about our older devices because we have this new one to sell. Come on sheep... I mean people, we have a new device to sell you! Get your wallets out. Nevermind the fact that in six months we're going to do it to you again because we have another new device to sell you.

Google needs to reign in their OEM partners and tell them in no uncertain terms that if they want their new device to be blessed with the Google App Package (Google Play Store, Services, GMail, etc.) they need to commit to a guaranteed software update schedule or no Google Apps for you. Enough is enough. The only thing the OEMs understand is money and if they can't sell a new device because it wasn't blessed by Google then so be it. Let's hit them where it really hurts... their quarterly numbers and stock price!