There’s a new type of malware on the loose—and over a million Android devices have already been infected. Although, most of the infected devices are in Asia, 19 percent of them are in America, and 13,000 more devices are hacked each day. It’s the largest breach of Google accounts ever, and it’s definitely cause for concern.
You can pick up the malware aka Gooligan, by downloading seemingly harmless apps from sources other than the Google Play store. Once downloaded, Gooligan gains access to all of your data, including Gmail, Google Docs, Google Drive, Google Play and more.
Even though Gooligan has access to a lot of your personal data, it doesn’t appear to use it. Instead, Gooligan downloads apps from Google Play in a scam designed to collect advertising revenue. These apps may provide Gooligan’s creators with cash for each download or show ads to generate income. Compromised Google accounts may also leave reviews on these fraudulent apps to make them appear more legitimate to other users.
Here’s an easy way to check if you’re infected. Security firm Check Point has created a tool that shows if your email address is among the compromised accounts. If your device is compromised, you’ll want to do a clean installation of Android on your device
How to keep your device secure
- Install the latest version of Android, including the security patches. Your carrier should provide instructions when updates are available.
- Don’t download apps from anywhere other than the Google Play store. Newer versions of Android will warn you if you try to download apps from elsewhere. Pay attention when it does!
- Run a reputable anti-virus application. While anti-virus protection can sometimes be frustrating — anti-virus apps can accidentally identify non-malware as malware — it can help keep your phone secure. Try AVAST, AVG, Kaspersky, McAfee or Norton, all of which are free and known for their solid desktop anti-virus protection.