COLUMBUS (WCMH) — If you’re still running around with an older Android phone, your account data might have been compromised.
Software technologies company Check Point just discovered a new malware campaign called Gooligan. The company says the malware already breached more than one million Google accounts and is gaining access to 13,000 additional devices every day.
Gooligan spreads when you install an app from a third-party app store or open malicious links from a phishing email. It then steals the authentication tokens to steal your data from Google Play, Gmail, Google Photos, Google Docs and other Google applications.
After getting your data, the malware then begins to install adware on your device to generate revenue and leave fake positive reviews on similar adware on third-party app stores.
Check Point says it is working with the Google Security team to help find a fix.
“We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security. “As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”
Check to see if you’re compromised
Check Point says the malware currently only affects devices running Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), but that still makes up 74% of all Android devices today. The latest version of Android is version 7, but most major device makers, like Samsung, are still running version 6 or below on their devices (the S7, for instance, runs on Android 6).
What if you’ve been hacked?
The first thing you’ll need to do is wipe your Android device completely and do a clean install of the operating system. The people at CNET have an easy guide on how to do this.
After wiping your device, you’ll need to change your Google password to prevent future data theft.