Google's Android OS has always faced public wrath for its security vulnerabilities and looks like that it's bound to continue for some more time now. Security researchers from Check Point Software Technologies have found this new malware family, that it is calling Gooligan, has comprised about 1 million accounts.
It is found in at least 86 apps that are available in third-party marketplaces. Once installed, it uses a rooting process to gains an insider access to your system. It is said to affect devices running Android versions 4+. It should be noted that the vulnerable versions account for 74 percent of users.
So, the rooted devices will then download and install the software that steals authentication tokens and gives it access to the device owner's Google-related accounts without the need to enter the password. These tokens will work on several Google products including Gmail, Google Photos, Google Docs, Google Play, Google Drive and G Suite.
Basically, a Google authorization token is a way to access the Google account and the related services of a user that is issued by Google. Once stolen by a hacker, they can use this token to access all your Google services.
Is my Device Affected?
If you have been downloading apps from sources apart from the official Play Store, and want to check if your account is compromised, you can do so at gooligan.checkpoint.com .
You could also Check this list of apps, if you have downloaded any one of these then your device is infected.
Oh No, My Device is Affected. What do I do now?
Check Point reports lists out two things that you would have to do. Firstly, a clean installation of the operating system on your mobile device i.e. "flashing" a cleaner operating system.
This is a complex process, and it is recommended that users approach a certified technician/mobile service provider if they have no knowledge. Secondly. change your Google account passwords as soon as possible.
I would personally like to advise all the readers to not download Android apps from third-party stores.
Source: Check Point Software Technologies
Follow Me on Twitter>>>> @iamBhavish
And like us on Facebook>>> The Gud1
No comments:
Post a Comment