Malicious
software designed to attack Android smartphones has breached the accounts of
more than a million Google users, security researchers said Wednesday.
The
report by Check Point Software Technologies said the malware dubbed Gooligan
targets devices running Android 4.0 and 5.0, which represent nearly 74 percent
of mobile devices using the Google-powered operating system.
The
attacks can steal email addresses and authentication data stored on the devices
to access sensitive data from Gmail, Google Photos, Google Docs and other
services, Check Point said.
“This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,” said Michael Shaulov, Check Point’s head of mobile products.
“We
are seeing a shift in the strategy of hackers, who are now targeting mobile
devices in order to obtain the sensitive information that is stored on them.”
Check
Point said researchers discovered Gooligan’s code in an application last year
and that a new variant appeared in August 2016, affecting some 13,000 devices
per day. About 57 percent of those devices are located in Asia and about nine
percent are in Europe.
“The
infection begins when a user downloads and installs a Gooligan-infected app on
a vulnerable Android device, or by clicking on malicious links in phishing
attack messages,” the company said in a statement.
Attackers
can gain control over the device and generate revenue by fraudulently
installing apps from Google Play and rating them on behalf of the victim.
Check
Point said it reported the details of the malware to Google, and that the tech
giant indicated it would take steps to protect users.
Google
did not immediately respond to an AFP query. - Guardian
No comments:
Post a Comment