Is Your Android Infected With Gooligan?

What the heck is Gooligan?

Googlian is a recently uncovered type of malware that stole the credentials to gain full access to users’ Google accounts after they installed a dodgy app on their Android phone. Currently there are more than 1 million Google accounts that have been breached.

This issue was uncovered by CheckPoint, who have written a really excellent blog about it:

 

How do you know if your Google account is breached?

You can check if your account is compromised by accessing the following web site:  https://gooligan.checkpoint.com/.

 

I’ve been breached!! What do I do?!

If your account has been breached, the following steps are required:

1. A clean installation of an operating system on your mobile device is required (a process called “flashing”). As this is a complex process, we recommend powering off your device and approaching a certified technician, or your mobile service provider, to request that your device be “re-flashed.”
2. Change your Google account passwords immediately after this process.

 

How can I prevent Gooligan?

You get infected with Gooligan by downloading a dodgy app from places other than the Google’s App Store. Only Android version 4 and 5 are vulnerable, but if you’re unsure of your version you should check if your account is compromised anyway.

We also recommend retiring old Android devices as they’re often vulnerable to nasty bits of malware. We recommend using Google Nexus or Google Pixel devices as Google quickly updates them with the latest security updates & software.