According to security firm Check Point, a certain malware called Googlian has apparently already affected over a million Google accounts, and the number of infected accounts is growing by the day. Basically, what this piece of malicious software does is steal the authentication tokens used by handsets and then use them to gain unauthorized access to private and sensitive information stored on Google Play, Gmail, Google Photos, Google Docs, G Suite, and Google Drive, among many other programs. As explained by Check Point via a blog post, Googlian is infecting users at a rate of 13,000 mobile devices each day.
As reported by Forbes, it appears that this Googlian malware attack is the worst attack ever on Google accounts. Interestingly, the purpose of attack is not to acquire private data from users’ accounts -- as pointed out by Michael Shaulov (he oversees mobile and cloud security at Check Point), it is actually to force people to download mobile apps that are part of an advertising fraud scam, and one that racks up as much as $320,000 each month.
It was a wise decision for Google to immediately address the issue at hand, expressing through its own blog post that so far it has not found any evidence that Googlian has indeed gained access to users’ data or that certain groups of account holders were affected. As mentioned earlier, the point of the attack seems to revolve around promoting mobile apps, not exactly stealing data.
Still, it is pretty understandable for people to take this matter seriously. The last few months have seen highly publicized instances of cyber attacks targeted not only at random consumers, but well known entities that range from tech firms to the Democratic National Committee (DNC). Back in September earlier this year, Yahoo had its worst cyber attack ever, with hackers managing to rob private information from over 500 million user accounts.
And now with Googlian, some consumers’ paranoia might be reaching new heights right about now. So what do we know about this malicious software? Googlian actually is part of a malware family called Ghost Push, whose standard operating procedure is to disguise itself as legitimate mobile apps for Google’s Android mobile operating system. As reported by the Wall Street Journal, the app names Ghost Push uses include StopWatch, Perfect Cleaner, and WiFi Enhancer, among many others.
When the user installs the harmful apps into his mobile device, the apps install other apps, including those that can steal user information (usernames, passwords) and use them to generate fake reviews. It appears that the downloads and the reviews feed into the hackers’ advertising fraud scheme, with every ad clicked and every download translating to money earned for the hackers.
According to Check Point, these apps can be found in the Google Play store, but Google has since taken them out. For those users who want to determine if their devices are affected, they can go visit this page.
Wirefly Is America's Most Trusted Source For All Cell Phones, Plans, TV, and Internet Deals
Wirefly offers great deals on a large selection of smartphones, cell phones, tablets, mobile hotspots, and other wireless devices for the nation's most popular carriers. Use Wirefly’s innovative cell phone and plan comparison tools to ensure you are getting the best deal on the market. Shop with confidence knowing that Wirefly wants to help you find the best prices on cell phones, cell phone plans, TV, and Internet service.