Android malware infects 1M phones globally

Android malware infects 1M phones globally

Android Nougat statue at Google campus in Mountain View, Calif.

SAN FRANCISCO — A new variant of a well-known malware program has infected more than one million phones that run older versions of Google's Android operating system, mostly outside the U.S., a security firm reported Wednesday.

The malware, dubbed Googlian, is delivered via apps downloaded from non-approved, third-party app sites. That's made users outside the U.S., who are more likely to use these sites, more vulnerable. It affects an estimated 1,000 users in the United States.

"The Gooligan campaign most heavily affects Android users in Asia. That’s likely because users there rely more on third-party app stores. In the United States, Android users stick to Google Play for apps," said Check Point spokeswoman Ali Donzanti.

The malware campaign attacks phones running the Android 4 and 5 operating systems, known as Jelly Bean, KitKat and Lollipop, and according to Check Point Software Technologies, can potentially access information from users' other Google accounts.

The software is part of "GhostPush," a family of apps that once installed, try to download other apps. Google said that it has been tracking this family of malware since 2014 and so far has detected and prevented the installation of over 150,000 variations of Ghost Push.

Users who buy their apps on the Google Play store are generally safe, Check Point said.

Google said it has contacted affected users, removed apps associated with the problem and added new protections to its Verify Apps technology.

The problem is similar to an issue that surfaced with malware that could affect iPhones running non-Apple approved apps in 2015.

The moral of the story is that consumers should stick with legitimate sources for their apps, said Dimitri Sirota, CEO of BigID, a data protection company.

"The best policy for avoiding this type of unfortunate situation is to look at the reputation of the purveyor — buy your Gucci from a Gucci store, get your news from a publication with a reputation at stake and download your apps from certified stores like Google Play," he said.

Google also reminded users of Android phones to keep their devices up to date and thus secure.

" Because Ghost Push only uses publicly known vulnerabilities, devices with up-to-date security patches have not been affected," its blog post said.



Add Comment

all comments

  Other news

more
Love Island star Olivia Attwood gives boyfriend Chris Hughes sex lessons – and praises herself as a ‘good teacher’

Love Island star Olivia Attwood gives boyfriend Chris Hughes sex lessons – and praises herself..

20-Aug, 10:40

The Love Island star is still going strong with Chris Hughes weeks after...

Indian court grants woman divorce over lack of home toilet

Indian court grants woman divorce over lack of home toilet..

20-Aug, 12:40

An Indian woman has been granted permission to divorce her husband...

Erdogan critic Dogan Akhanli arrested in Spain

Erdogan critic Dogan Akhanli arrested in Spain..

19-Aug, 18:52

A German-Turkish writer who is a known critic of President Recep Tayyip...

Train derails as it departs London Paddington station

Train derails as it departs London Paddington station..

20-Aug, 11:10

Passengers had to be evacuated from a train after it derailed while...

FCC warns consumers about new 'Yes' phone scam

FCC warns consumers about new 'Yes' phone scam..

27-Mar, 21:50

The Federal Communications Commission is warning consumers about a new...

Hugh Jackman speaks out about the 'Logan' ending

Hugh Jackman speaks out about the 'Logan' ending..

06-Mar, 09:58

"Logan" topped the U.S. box office this weekend, pulling in more than $80...

Office supplies chain Staples sold for $6.9 billion

Office supplies chain Staples sold for $6.9 billion..

28-Jun, 18:00

Private equity firm Sycamore is buying office supplies chain Staples for...

Taliban leader killed in US airstrike

Taliban leader killed in US airstrike..

22-Apr, 10:59

A Taliban leader once known as a shadow governor of an Afghanistan...