Malware breaches over 1 million Google accounts

ymgerman/Shutterstock.com

More than a million Google Inc. accounts have been breached by malware that steals users’ authentication tokens, although there is no evidence of data access, says Google Inc. and a cyber security firm.

In a statement issued Wednesday, San Carlos, California-based Check Point Software Technologies Inc. said the “Gooligan” malware can be used to access data on Android devices from Google programs including Google Docs and Gmail, among others.

Check Point said the malware is downloaded through legitimate-appearing apps on third-party Android app sites. These apps are free, or offer free versions of paid apps, said Check Point. The apps can also be installed through phishing scams, where attackers broadcast links to infected apps, Check Point said.

Adrian Ludwig, director of Android security for Mountain View, California-based Google, said in a blog post Tuesday that it has been working closely with Check Point on the issue and that there is no evidence of user data access. 
He said the malware’s purpose “is to promote apps, not steal information, and that held true for this variant.”

Check Point said in its statement the malware can be used to steal a user’s Google email account and authentication token information, which is their electronic identity codes; install apps from Google Play; rate them to raise their reputation; and install adware to generate revenue.