Latest in Gear

Image credit: Reuters/Dado Ruvic

Android malware skews Google Play ratings by installing apps

You're probably safe if you have a recent phone, but there have been over 1 million infections so far.
358 Shares
Share
Tweet
Share
Save

Sponsored Links

Reuters/Dado Ruvic

Malware writers haven't stopped trying to game app rankings through bogus app installs. Researchers at Check Point have identified a new strain of the longstanding Ghost Push malware, Gooligan, that has infected over 1 million Android devices to date and continues to grow (about 13,000 new infections per day). As with earlier code, attackers trick you into installing a Gooligan-based app through either a third-party app store or a phishing scam. Once it's on your phone, the software takes advantage of Linux kernel exploits to access your Google authorization token and install fraudulent apps, whether to boost their Google Play rankings or to generate money through ads.

You're probably safe. Google fixed the vulnerability in Android 6.0 Marshmallow and beyond, and you're unlikely to run into one of the malicious apps if you stick to downloading from Google Play. Also, Google observes that the apps aren't harvesting data or committing fraud beyond the Google Play ratings. If you're concerned, you can use a web tool from Check Point to verify whether or not Gooligan has abused your account.

The concern, as is frequently the case with Android malware, is that many people will remain at risk. As of this story, Google reports that only 24.3 percent of users it tracks are running sufficiently up to date versions of Android. Also, Google Play isn't always an option -- the Chinese can't use Google Play, for instance, while others may have devices where the store app isn't installed. It may take a long while before enough people are up to date (most likely through new hardware) that malware like Gooligan is no longer effective.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
358 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's 2019 Back-to-School Guide

Engadget's 2019 Back-to-School Guide

View
Canon leaks its EOS 90D DSLR and mirrorless EOS M6 Mark II cameras

Canon leaks its EOS 90D DSLR and mirrorless EOS M6 Mark II cameras

View
Watch the Google Stadia event in 10 minutes

Watch the Google Stadia event in 10 minutes

View
HP's latest gaming headset delivers active cooling, noise cancellation

HP's latest gaming headset delivers active cooling, noise cancellation

View
Samsung's 32-inch Space Gaming Monitor makes room for your PC

Samsung's 32-inch Space Gaming Monitor makes room for your PC

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr