Researchers at Check Point claim more than a billion Android devices at risk; Google says ‘no evidence’ of data breach found as of yet

Android security isn’t great. We know that. And while Google is improving it gradually with every successive generation, there are still billions of smartphones using older Android versions. If you’re one of those, it might be time to update.

In a recent blog post, via security research outfit Check Point, it was unveiled that well over a million Android accounts have been compromised. 1.3 million, to be precise. The malware responsible is ‘Gooligan’, which is being described as Ghost Push on steroids. It is a malvertising strain, which means it spreads through ads. The virus enters smartphones by way of third party app stores. In total, 86 apps from third-party stores have been identified as carriers of the strain.

Essentially, ‘Gooligan’ gains root access as soon as it gets to the phone. It then proceeds to download a program, which intercepts and uses tokens for storing credentials for certain apps. These apps include Gmail and Google Drive. In effect, ‘Gooligan’ gains privileged access to every document on the phone.

The good news is that newer versions of Android are immune to it. Or so it seems, as reported by Check Point. These include Android 6 (Marshmallow) and Android 7 (Nougat). Any version before these is fair game for ‘Gooligan.’

Of course, the vast majority of users are on neither of the two safe versions. Specifically, 74% of the total Android user base. This translates to 1.03 billion Google accounts in absolute figures. With 1.3 million hacks, ‘Gooligan’ has only affected only a thousandth of that number. Which means it has much more room to grow. Scary thought, indeed.

Google has jumped to action after hearing this news. Adrian Ludwig, an Android Security Engineer at Google, calmed many nerves by assuring that there is ‘no evidence’ of data breach. Ludwig mentioned that users would get a notification if such was the case. He also said that Google has taken several measures to ensure data security. But just to be safe, he has advised to re-sign to all your Google accounts.

Google is working closely with Check Point on this one. A ‘Gooligan Checker’ is also online, which can let you know whether you have an infected device.