It’s been a banner year for cybercriminals. Data breaches, ransomware and phishing attacks have all been growing threats.
Scams are so rampant that Juniper Research is predicting that the cost of data breaches will rise to over $2 trillion globally by the year 2019. Yikes!
With so many scams out there, we decided to warn you about the three biggest security threats for Android users today.
Malicious software masked as authentic apps for Android gadgets has recently been discovered. Malware known as Gooligan has been infecting nearly 13,000 Android gadgets every single day since August. It has gained control of over a million Google accounts since that time.
So far, there have been 86 of the malicious apps found in third-party marketplaces. A few of those apps are named Perfect Cleaner, StopWatch and Wi-Fi Enhancer.
If one of these malicious apps is installed on your gadget, it begins the rooting process. Having root access of your gadget means the scammers can do whatever they want on it. Hackers can use the access to spy on you using the camera and microphone, read texts and emails, install other viruses or anything else they want.
Stay with us on this…
Once Gooligan has root access to the infected gadget, it downloads a malicious module from the Command and Control (CC) server and installs it. Code is then injected into running Google Play or Google Mobile Services to copy user behavior to avoid being detected.
The module lets Gooligan steal a user’s Gmail account and authenticate token information. It can also install apps from Google Play and give them positive ratings to boost their reputation. It also installs adware to bring in revenue.
Anyone who has an Android gadget that is running an older version of its operating system is at risk. These include Android 4 and 5, which are known as Android Jelly Bean, KitKat and Lollipop. Nearly 75 percent of all Android users are running these operating systems.
The reason these older operating systems are at risk is because security patches designed to fix certain flaws are not available to them or the user never installed them.
You’re also at risk if you download apps from third-party marketplaces. It’s a good idea to stay away from these and only get apps from trusted sources like the Google Play store. Even then, use caution!
The Gooligan malware can also infect your gadget if you click on malicious links sent through a phishing attack. Be especially careful!
With Gooligan, infected gadgets download and install software that heists tokens used to authenticate the owner’s phone. These tokens give them access to Google related accounts without needing to enter a password. These accounts include Gmail, Google Play, Google Docs, Google Drive, Google Photos and G Suite.
There is a way that you can find out if your gadget has been infected.
An online tool has been created by Check Point that will let you know if your gadget has been infected. Click here to access the Gooligan Checker tool. Once there, just type your Google address into the Gooligan Checker and it will tell you if you’ve been hacked.