Chapter in this post:
Gooligan is a new one Android Malware, which has infected and rooted a million devices since August 2016 and hacked Google accounts in the process. What Gooligan is exactly, how the malware works and which apps you should avoid as an Android user, I want to briefly explain to you here. In addition, the new malware, which can basically get onto the smartphone quite easily, is again an argument for it, rather one iPhone to use ;)
TL; DR: If you just want to know whether your Android device is infected by Gooligan, click here!
The message from Gooligan is now slowly arriving in Germany. According to the cyber security company, the Android malware is said to be Check Point 1 million devices already infected to have; Up to 13.000 more would be added every day. Gooligan sneaks in mainly with older Android versions and those without the latest patches. Especially versions 4 (Ice Cream Sandwich, Jelly Bean, KitKat) and 5 (Lollipop) are affected. According to current figures (November 2016), among other things Android Police supplies, these versions still account for a whopping 80,2% of all Android devices.
According to Check Point, only 9% of the devices affected so far are in Europe - probably one reason why there are not many reports in this country. 19% of the affected devices are on the American continents, 15% in Africa and 57% in Asia. In all attacks, the hackers use a command and control server (C&C) to spread infected apps. In addition to third-party sites, some infected apps also come from the Google Play Store. Once installed, Gooligan reads data and roots the device. Then new system modules and apps are loaded, which can (automatically) be rated on behalf of the user.
But that's not all. The malware got its name mainly because it hacked the user's Google account and was able to use Gmail, Google Play, Google Drive, Google Docs, Google Photos and so on on behalf of the person concerned. For example, Gooligan can spread itself via email. In addition, individual apps are automatically rated with 5 stars and always the same comments. So if you find a game in the Play Store that has an extremely high number of 5 star ratings and everyone just says “Good Game”, you now know that something is wrong.
Software like the one described here can cause all kinds of damage - not only the hack and the possibly necessary resetting of the entire device system are annoying. Some malware also send SMS messages on behalf of the user. If you have a flat rate and nobody answers it, then you may not even notice it. Without an SMS flat rate, however, you can quickly find yourself in a financial mess (I only mention that because it was only recently brought to my attention by those affected). If then MMS are added, it gets bad.
Such horror scenarios are as good as only on Android. Apple's iOS and the other operating systems of the developer from Cupertino as closed systems without a (simple) possibility for the root are much better protected. Only users who jailbreak and then download apps from dubious sources run the risk ... And even then, the target group is so small that hackers tend to focus on Android.
As a credible cyber security company, Check Point offers a so-called Gooligan Checker as a service. The tool is very easy to use; you just enter the email address that is connected to your Android device and click on "CHECK". Then after a short check you will be told whether your smartphone is affected by Gooligan. The Gooligan Checker you can find it through this link.
Check Point issued this list of partially infected apps. Under no circumstances should these be downloaded from third-party providers, but only in the Play Store and in the latest version in case of doubt:
If you want to find out more about so-called "ghost push" malware, to which Gooligan belongs, I can help you this G + Post from Adrian Ludwig recommend. You can find information and data on the SnapPea malware family mentioned above here . Since the malware did not attract attention in this country until December 2016, I recommend that you distribute this article via Facebook, Google+, Twitter, e-mail, etc. in order to prevent further infections. Good luck and, despite everything, have a nice Advent season!
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.