Gooligan Menace – Stay Safe from Hackers
Privacy is an important aspect of the modern day society especially considering the fact that presently, nearly every technological gizmo in the market can access the internet. As a result they have become the basis for not only accessing information from other users of the same platforms and devices but also accords the corresponding user a platform to share their own information.
However in this case, it is assumed that the parties sharing information have knowledge of each other and most importantly the knowledge of the information they are sharing. On that note, Google Android devices are under scrutiny for their credibility when it comes to protecting the information of people who use devices that run on this operating system. This is following the susceptibility to attack by the Gooligan malware.
What is Gooligan?
Gooligan is a malware that attacks android powered devices through a phishing process. It can be installed by cyber criminals and hackers alike from third party app store. This malware can be used to root authentic android devices effectively not only nullifying their warranty but also allowing for installation of third party applications that can compromise the integrity of the device under attack.
With this malware, access to the user’s Google accounts is very easy for prying eyes. In particular, the compromised accounts include but not limited to Google Photos, Google Play, Google Docs, Google Drive, G Suite and most importantly Gmail accounts.
How it works?
Once in the system of the target android device, it gains administrative privileges to the device’s operating system through rooting process. The vulnerable android devices include those operating under android version such as Jelly Bean, Kit Kat and Ice cream in addition to Lollipop. This specification alone wraps up a significant portion of android users on a global scale. Having rooted the target device, it then automatically downloads and installs a root exploit that resembles Towelroot, which steals Google authorization tokens.
This token provides a pathway of accessing Google accounts by the legitimate user of the device. However, anyone inclusive of hackers and cyber criminals can use it to access Google accounts thus making it a tool of menace if used for other activities other than its original purpose. It can enable the device to access the aforementioned Google accounts without the need for a password or any form of authentication procedure because it downloads the user’s account token to a secure server.
This device has affected over one million devices over the world and is first spreading. One evidence to attest to this is the fact that 500 million users of Yahoo mail have been affected as at September this year.
It is also estimated that close to 13000 devices are affected per day, a phenomenon attributed to the fact that most android users probably never know it exists in the first place. However, if they did, majorities do not know how to eliminate it from their devices.
Information is never useful unless acted upon on the basis of its relevance to the underlying issue at hand. Therefore, having the knowledge of existence of the Gooligan malware in one’s android device serves no purpose if the malware is not flushed out based on that intel. If that is the case, as it is in most cases, consult Google and Check Point for directions to the recommended way forward. Both firms are working towards the elimination of this threat from android devices. Google for instance, can rest accounts that have been breached or illegally accessed.
Check Point on the other hand assists in the fresh installation of the corrupted operating system. However, it is important to note that this is a complex process that should only be done by a trained technician or smartphone operator failure to which the user risks damaging the device even further. Check Point also recommends changing of passwords for accounts that have been compromised or better yet changing passwords for the entire portfolio of Google accounts. Another security measure android users should take into consideration is to avoid installing android applications from app stores other than the authentic Google Play store; it minimizes the chances of this malware attacking the android devices.
Financial Fortunes and Misfortunes
The industry of app development is one of the lucrative business platforms of the contemporary technological society not only because of the increasing use of technological devices but also because of the proportional growth in the software industry that these devices depend on.
Conversely, the financial impact of bootleg softwares and applications are dire to their legitimate developers. It is estimated that the financial benefit of using Gooligan to do fraudulent advertising over the web can generate close to $320,000 per month. This is the estimate figure of not only the amount online fraudsters can earn in single month but also the amount app developers will be losing in untapped revenue.
Gooligan operates like a virus and like other malicious softwares tracing it can be challenging if not entirely impossible. Even so, it might be too late to do damage control following its wake of destruction for cases where it has been discovered very late.
However, adherence to Google and Check Point’s recommendations is the first step to protecting your privacy online, at least as far as this malware is concerned. Hopefully, these two firms will also come up with relatively advanced solutions to this online menace in the near future.