Report: 1 million Google accounts hacked by new malware

Written by |

Check Point Software Technologies today revealed a data breach that’s hit an estimated 1 million Google accounts around the world.

Nicknamed ‘Gooligan,’ this new variant of malware has reportedly been targeted at the nearly three-quarters of devices worldwide that run Android 4 (Jelly Bean, KitKat) and 5 (Lollipop).

Here’s what you need to know about Gooligan…

Read more: Why you can’t always bring your phone to a new carrier

How many accounts have been impacted?

Some 1 million accounts are believed to have been hit, according to Check Point. The breach has been happening at a rate of 13,000 devices a day since August. 

Report: 1 million Google accounts hacked

What does the hack do?

In short, Gooligan steals email accounts and authentication tokens. 

Authentication tokens bypass two-factor authentication and make Google think you as a user are already logged in.

Then the hackers can have a field day with access to your Gmail, Google Play, Google Photos, Google Drive, Google Docs and G Suite.

How can you tell if your account has been hacked?

Check Point has set up a free Gooligan Checker tool that lets you enter your email to find out if you’ve been hacked. Check Point says it will not collect, store or use your email address for any purpose other than determining if you’ve been breached or not.

What should I do next if I determine I’ve been hacked?

1. Go to your carrier and ask that your device be ‘re-flashed.’ This process will do a clean install of your operating system. 


2. Immediately change your Google account passwords.

What apps might have infected me after I downloaded them?

Check Point says the following apps from third-party Android app stores are the likeliest culprits:

  • Perfect Cleaner
  • Demo
  • WiFi Enhancer
  • Snake
  • gla.pev.zvh
  • Html5 Games
  • Demm
  • memory booster
  • à¹à¸‚่งรถสุดโหด
  • StopWatch
  • Clear
  • ballSmove_004
  • Flashlight Free
  • memory booste
  • Touch Beauty
  • Demoad
  • Small Blue Point
  • Battery Monitor
  • 清ç†å¤§å¸ˆ
  • UC Mini
  • Shadow Crush
  • Sex Photo
  • å°ç™½ç‚¹
  • tub.ajy.ics
  • Hip Good
  • Memory Booster
  • phone booster
  • SettingService
  • Wifi Master
  • Fruit Slots
  • System Booster
  • Dircet Browser
  • Puzzle Bubble-Pet Paradise
  • GPS
  • Light Browser
  • Clean Master
  • YouTube Downloader
  • KXService
  • Best Wallpapers
  • Smart Touch
  • Light Advanced
  • SmartFolder
  • youtubeplayer
  • Beautiful Alarm
  • PronClub
  • Detecting instrument
  • Calculator
  • GPS Speed
  • Fast Cleaner
  • Blue Point
  • CakeSweety
  • Pedometer
  • Compass Lite
  • Fingerprint unlock
  • PornClub
  • com.browser.provider
  • Assistive Touch
  • Sex Cademy
  • OneKeyLock
  • Wifi Speed Pro
  • Minibooster
  • com.fabullacop.loudcallernameringtone
  • Kiss Browser
  • Weather
  • Chrono Marker
  • Slots Mania
  • Multifunction Flashlight
  • So Hot
  • Google
  • HotH5Games
  • Swamm Browser
  • Billiards
  • TcashDemo
  • Sexy hot wallpaper
  • Wifi Accelerate
  • Simple Calculator
  • Daily Racing
  • Talking Tom 3
  • com.example.ddeo
  • Test
  • Hot Photo
  • QPlay
  • Virtual
  • Music Cloud

Report: 1 million Google accounts hacked

What has Google’s response been?

“We’re appreciative of both Check Point’s research and their partnership as we’ve worked together to understand these issues,” said Adrian Ludwig, Google’s director of Android security. “As part of our ongoing efforts…we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall.”

You can read more in Ludwig’s new blog post here.

Read more: The #1 wireless network in America is…

How to use Google Maps overseas with no data usage

  • Show Comments Hide Comments