This Android malware hacks into your Google account, installs third-party apps
The virus is affecting an estimated 13,000 devices a day
According to a report by Check Point, a cyber Security company, the malware, Gooligan, has affected over 1 million accounts, with 13,000 devices being targeted every day.
By stealing authentication tokens used to access data from Google Play, Gmail, Google Docs and Google Drive; Gooligan installs certain apps on your phone and starts rating them highly.
By installing adware on those apps, it generates revenue, and is reportedly raking in as much as $320,000 a month.
The malicious code, according to the report, primarily affects devices running on Android Jelly Bean, KitKat and Lollipop.
Android users more humble and honest than iPhone users, study finds
About 19% of the hacked accounts are in North and South America, whereas 9% in Europe. Asia has so far been the most volatile region - 57% users affected.
To avoid being affected, simply download apps from the official Google Play store. Check Point has also built a site to check if your Google account has been compromised.
In case your device was affected, you need to take the following steps:
1. You need to flash your device. It is better if you approach a certified technician as flashing is a complex process.
2. Change your Google account passwords immediately after this process.
Adrian Ludwig, Google’s director of Android security said the security team had been working closing with Check Point to "investigate and protect users."
Android gets record 87.5% of smartphone market
He also confirmed that Gooligan uses Google credentials on older versions of Android to generate fraudulent app installs.
"We’ve taken action to protect our users and improve the security of the Android ecosystem overall," he wrote. The company has found no evidence of the hackers accessing user data, he added.
You can check it here if your Google account was breached: https://gooligan.checkpoint.com/
This article originally appeared on Mashable