A security firm called Check Point from Israeli recently announced that 1.3 Million Android devices have been infected with “Googligan” since August 2016. Cybercriminals are using the spyware to target devices running on Android 4.0 and 5.0, which accounts to 74% of entire mobile device using the Google-Powered OS.
“Googligan” are said to steal Email ID and authentic data stored on phone to get access to data from Gmail, Google Photos, Google Docs, Google Drive, G Suite and more, which is an alarming flaw.
Check Point said –
“We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.”
It all begins when a user downloads and installs app that is Googligan-infected or by clicking on any malicious links available while using the app. Once installed, the spyware uses a process called as rooting (VROOT and Towelroot) to get access to phone running on Google Android OS version 4 (Ice Cream Sandwich, KitKat, and Jelly Bean) and version 5 (Lollipop).
Asia is highest affected with “Googligan” steal accounting 40%, followed by Americas with 19% and 12% are affected in Europe. Check Point examined the server logs and discovered that 30,000 apps were being downloaded by infected phones every day. The total number has reached to 2 Million so far and many of the businesses Google Accounts have been breached too.
Not only attackers can gain control over devices but can also rate app on behalf of victim and generate revenue with fraudulently installing apps from Google Play. The threat has already been reported to Google, but the giant has not responded to the AFP query immediately.