live_phone

888.546.4384|607.433.2200

 

livechat icon

Live Chat Support

live_meeting

Live Online Meeting

WEB DESIGN SERVICES

Don’t wait any longer. Get started today!

 
 

Directive Blogs

Directive has been serving the Oneonta area since 1993, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Alert: Was Your Device One of Over a Million Breached By New Android Malware?

Alert: Was Your Device One of Over a Million Breached By New Android Malware?

The branch of malware known as Ghost Push now has a new component, Gooligan, and it certainly lives up to its name. Google was struck by an attack that infected over one million Android users, with over 13,000 additional devices adding to that total on a daily basis.

Gooligan is able to steal the authentication tokens that are required to access data contained in many of Google’s popular offerings, including Drive, Docs, Gmail, and the G Suite.

However, it would seem that, instead of extracting personally identifiable information, the culprits have elected to install malicious Google Play apps to generate fraudulent ad revenue. Reports have said that this modus operandi nets the attackers about $320,000 every month, and that Gooligan may be the biggest recorded breach of Android devices, ever.

This makes it all the more fortunate that Gooligan has, as of yet, shown no signs of stealing any of the data it could potentially have accessed. Google has even gone on record in their belief that, “The motivation… is to promote apps, not steal information.”

While Google has since removed the apps that include Gooligan from the Play Store, there could potentially be countless more similar threats, lurking in wait of their next victim. This means that, should your employees be able to access the Play Store on their work devices, your business could be a potential victim.

Therefore, every member of a business should be informed of the seriousness of clicking around mindlessly when using a business device. Institute a policy of only allowing business-related apps on company devices, and require any BYOD devices to be thoroughly vetted by IT.

Do you have a plan to prevent unauthorized applications from appearing on company devices? Let us know in the comments!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, November 22 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image