Over 1 Million Google Accounts Stolen via Android “Gooligan” How Does That Effect Mobile Payments?
With in excess of 1.3 million Android phones that users haven’t patched with the latest updates now infected by malware called Gooligan, will it put mobile payments at risk? In a word no, not directly at least.
Gooligan may be the largest single theft of Google accounts on record. Here is how it works. The spyware steals the tokens used to verify that a user is, in fact, authorized to access their Google account and also forces users to download apps to help fund an advertising fraud scheme.
The fake apps downloaded pay the Gooligan hackers in advertising dollars, somewhere in the neighborhood of $320,000 a month. Approximately 13,000 new infections each day are occurring right now. Users get infected from downloading third-party apps from “unapproved” app stores. i.e. not Amazon or Google Play stores.
The phone then becomes infected. Steals the victim’s Google account token and sends it to a server, where hackers can then gain unauthorized access to Gmail, Docs, Drive, Photos and other data.
Notice we didn’t say Samsung Pay or Android Pay here folks, but that doesn’t mean you don’t store your card data in your e-mail or Google Docs or Google Drive. If so it could be at risk, but not because of using any “Mobile Payments”
Gooligan is believed to be a newer version of Ghost Push. “Ghost Push variants use publicly known vulnerabilities that are unpatched on older devices to gain privileges that allow them to install applications without user consent,”
The new version is to promote apps, not steal information.”
Step one – update your device to the newest patches and OS levels.
Step two – remove apps you don’t recognize.
Step three – don’t store information in the cloud and keep updating your devices.
Mobile Payments are still more secure than the old fashioned clerk stealing your card number at the store. Restaurants where the card is taken in the back room to charge your card is still the number one place you’ll get your card stolen.
Embrace mobile payments but please keep your devices updated and don’t use third-party app stores.
Headquartered in Pinole California, MerchantZoom, Inc. was founded by Wally Arakozie. Previously employed by one of the largest merchant processing companies here in California for nearly a decade. Since the company’s beginnings MerchantZoom, has grown into a reputable national merchant provider. Along with delivering state of the art technology and competitive rates, MerchantZoom, thrives on personalized local customer service and support. In order for your business to ZOOM!
759 Appian Way Ste 1A Pinole, CA 94564
Content Release Date Dec 2, 2016 – MerchantZoom Inc.