More than one million accounts hacked, with the number increasing by 13,000 every single day. These are the figures associated with the latest large scale malware attack, known as the Gooligan attack. The Malware, after infecting your mobile phone, roots it, steals authentication data and hacks into your Gmail accounts, including the Play Store. It then starts downloading malicious apps. The Gooligan is a newer of version of the Malware campaign in the SnapPea app incident.

What exactly does the Malware do after infecting your device?
Every app on the Play store is actively rated after every download. Apps with higher ratings on an average generally get more downloads. Google has placed Ad servers to avoid auto-generated reviews from unverified accounts from having an effect on the average rating of an app.

However, this Malware hacks verified accounts, and downloads fraudulent useless apps. Once it has done so, it escapes being caught by the Ad Servers of the Play Store, and gives very positive reviews to these apps. Once the app is installed, the ad servers pay the attacker for the download of the app, which features ads from several different agencies.

Which Devices are affected?
Well, practically all modern day Android cellphones run the risk of being infected by the malware. Studies have shown that over 74% of all Internet market devices are potentially affected, with more than 50% of all Asian mobile devices possibly exposed.

How to check if your phone Is infected?
You can use’s online tool to check if your device has been infected. In case your device has been affected by the Gooligan Malware attack, you would probably have to flash your device (replacing the OS in your mobile device), and change your Google Account passwords promptly.

Google has already begun taking measure to mitigate the damage caused by what was incidentally the largest ever Google Account breach. Google, through a service called ‘Verify Apps’, to detect bits of the Malware present in any of the apps downloaded by the user in the past. These malicious apps are actively being removed by Google from the Play Store, and recommends users keep the app-verification step active to prevent the download of these malicious apps.

How to fix your device if your Device has been compromised?
If you simply do not trust your device with a technician, you can flash your device yourself
1. Backup all the data on your device
2. Install a rooting software onto your device
3. Enable USB de-bugging
4. Root your device
5. Download the kernel package for your device
6. Use Custom Recovery
7. Install the Kernel
8. Change the passwords for your Google Accounts


About The Author

"As a child, I was always looking at cyber security news because it interested me immensely. Growing up, I developed a habit of surrounding myself with other like-minded people and this helped shape me as a cyber security enthusiast. By constantly indulging in cyber security related forums, my love for the topic has snowballed."

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

9 + 20 =