Since August, an ongoing malware attack called "Gooligan" has breached more than 1 million Google accounts, according to a report from security firm Check Point Technologies.
Check Point Technologies identified Gooligan malware code in a number of fake apps available in third-party Android app stores. The names of apps vary from shady ("Demm," "com.example.ddeo") to seemingly safe ("WiFi Enhancer," "StopWatch"). When unwitting users download one of the fake apps, their account becomes infested with the malware.
Approximately 57 percent of the 1 million breached accounts are in Asia. Another 19 percent are in the Americas, 15 percent are in Africa and 9 percent are in Europe. However, the number of breached accounts continues to increase at 13,000 devices per day.
Check Point Technologies contacted Google with the information it uncovered. "We're appreciative of both Check Point's research and their partnership as we've worked together to understand these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," said Google Director of Android Security Adrian Ludwig.
Google is taking steps to inform affected users.