Android Malware Compromises 1M+ Google Accounts

Dec. 1, 2016 | by BioCatch

Android and Google are in the news today, but not because of a new phone release. Researchers have uncovered a family of Android-based malware compromising more than 1 million Google accounts.

The malware, dubbed a Gooligan, is breaching an additional 13,000 individual and enterprise user devices each day, according to researchers at Check Point Software Technologies.

The relentless pace of this particular malware is indicative of the larger problem in cybersecurity; hackers are constantly developing new ways to infect devices and steal user authentication information.

In Google’s case, the company had implemented two-factor authentication to prevent hacking, but with the malware stealing the authorization token, the hacker gains access as if the user is already logged in.

how-the-gooligan-campaign-works.jpg

(Source: Check Point Software Technologies)

Malware Detection Solutions

Even Google can’t keep track of Gooligan malware with traditional means. This largest Google account breach to date demonstrates the need for behavioral biometrics solutions that not only recognize authentic human users, but also detect non-human behaviors indicative of criminal activity.

A holistic approach to cybersecurity, as BioCatch brings, detects malware by analyzing hundreds of behavioral parameters every second. Even a malware that imitates a real user (such as a Gooligan) is qualitatively unique and can be identified with behavioral biometrics.

In response to the Android ecosystem threat, Google has deployed an app to notify users they are trying to install an offending app, revoked affected users’ Google Account tokens, and removed the apps at issue from affected devices.

Despite Google’s Android security engineer Adrian Ludwig’s promise to collaborate “with ISPs to eliminate this malware altogether,” be certain another threat will present itself — and quickly. Malware is a stealthy, growing menace. October saw a 5% rise in the number of malware attacks, with ransomware the most prolific category in a constantly evolve.

top-10-countries-attacked-by-mobile-malware-second-quarter-2016.png

Join BioCatch’s VP of Cyber Strategy and Iain Swaine, EMEA’s Head of Cyber Strategy in a Dec. 8 webinar as he explores this growing problem represented by another new malware, the Trickbot Trojan. Click here to register

Dirty_Tricks.png

Sources:

Check Point Software Technologies, Inc. (2016, Nov. 30). More Than 1 Million Google Accounts Breached by Gooligan http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/
Ludwig, A. (2016, Nov. 29). The fight against Ghost Push continues. https://plus.google.com/u/0/+AdrianLudwig/posts/GXzJ8vaAFsi?sfc=true
Muncaster, P. (2016, November 22). Conficker Still on Top as Malware Jumps 5% in October. http://www.infosecurity-magazine.com/news/conficker-still-on-top-as-malware/

Download White Paper: Preventing Fraud in Mobile Era