1. Home
  2. Over 1 million Google accounts breached by Gooligan: Check Point

Over 1 million Google accounts breached by Gooligan: Check Point

[email protected] (Agencies)
December 1, 2016

New Delhi, Dec 1: A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts.

GoogleAccording to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them.

This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said.

No immediate comment could be received from Google on the matter. Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 per cent of Android devices in use today.

About 40 per cent of these devices are located in Asia and about 12 per cent are in Europe.

After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, the report said.

"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.

The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point said it has reached out to the Google security team immediately with information on this campaign.

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," Google's director of Android security Adrian Ludwig was quoted as saying.

Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

Check Point"s Mobile Research Team first encountered Gooligan's code last year and in August this year, the malware reappeared with a new variant and has since infected at least 13,000 devices per day.

Check Point is offering a free online tool that allows users to check if their account has been breached.

"If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider," Shaulov said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 19,2020

New Delhi, Jan 19: Messaging service WhatsApp which on Sunday faced issues in transmitting multimedia content including pictures and images, prompting social media users to share hilarious memes and messages, resumed regular services after over two hours.

#WhatsAppDown was the trending hashtag on Twitter for most part of Sunday afternoon in India along with several other countries such as Brazil, Europe and also parts of Middle-East including UAE, reported downdetector.in, a realtime problem and outage monitoring website.

Users of the popular messaging app were unable to send media files, stickers and GIFs.

Most users immediately went to Twitter to find out about the problem and check if others were facing the same issue.

Numerous tweets and memes took over the internet as soon as the news broke about the WhatsApp tech issue. After around two hours of technical glitch, the app resumed full service.

Even after full recovery of media transfer, people globally still continued checking the status of the messaging app.

WhatsApp has been one of the prime messaging apps since May 2009 and has recently collaborated with Facebook.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 25,2020

In a study conducted in 117 countries, researchers have found that the world is experiencing the most dramatic reduction in the seismic noise (the hum of vibrations in the planet's crust) in recorded history due to global COVID-19 lockdowns.

Measured by instruments called seismometers, seismic noise is caused by vibrations within the Earth, which travel like waves and the waves can be triggered by earthquakes, volcanoes, and bombs - but also by daily human activity like travel and industry.

This quiet period was likely caused by the total global effect of social distancing measures, closure of services and industry, and drops in tourism and travel, the study published in the journal Science, reported.

The new research, led by the Royal Observatory of Belgium and five other institutions around the world including Imperial College London (ICL), showed that the dampening of 'seismic noise' caused by humans was more pronounced in more densely populated areas.

"Our study uniquely highlights just how much human activities impact the solid Earth, and could let us see more clearly than ever what differentiates human and natural noise," said study co-author Stephen Hicks from ICL in the UK.

For the findings, the research team looked at seismic data from a global network of 268 seismic stations in 117 countries and found significant noise reductions compared to before any lockdown at 185 of those stations.

Researchers tracked the 'wave' of quietening between March and May as worldwide lockdown measures took hold.

The largest drops in vibrations were seen in the most densely populated areas, like Singapore and New York City, but drops were also seen in remote areas like Germany's the Black Forest and Rundu in Namibia.

Citizen-owned seismometers, which tend to measure more localised noise, noted large drops around universities and schools around Cornwall, UK and Boston, US - a drop in noise 20 per cent larger than seen during school holidays.

The findings showed that countries like Barbados, where lockdown coincided with the tourist season, saw a 50 per cent decrease in noise.

"The changes have also given us the opportunity to listen in to the Earth's natural vibrations without the distortions of human input," the study authors wrote.

Earlier in April, a study published in the journal Nature, reported at least a 30 per cent reduction in that amount of ambient human noise since lockdown began in Belgium.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
February 23,2020

Google has indexed invite links to private WhatsApp group chats, meaning anyone can join various private chat groups (including several porn-sharing groups) with a simple search.

According to a report in Motherboard, invitations to WhatsApp group chats were being indexed by Google.

The team found private groups using specific Google searches and even joined a group intended for NGOs accredited by the UN and had access to all the participants and their phone numbers.

Journalist Jordan Wildon said on Twitter that he discovered that WhatsApp's "Invite to Group Link" feature lets Google index groups, making them available across the internet since the links are being shared outside of WhatsApp's secure private messaging service.

"Your WhatsApp groups may not be as secure as you think they are," Wildon tweeted on Friday, adding that using particular Google searches, people can discover links to the chats.

According to app reverse-engineer Jane Wong, Google has around 470,000 results for a simple search of "chat.whatsapp.com", part of the URL that makes up invites to WhatsApp groups.

WhatsApp spokesperson Alison Bonny said: "Like all content that is shared in searchable public channels, invite links that are posted publicly on the internet can be found by other WhatsApp users."

"The links that users wish to share privately with people they know and trust should not be posted on a publicly accessible website," Bonny told The Verge.

Danny Sullivan, Google's public search liaison, tweeted: "Search engines like Google & others list pages from the open web. That's what's happening here. It's no different than any case where a site allows URLs to be publicly listed. We do offer tools allowing sites to block content being listed in our results."

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.