Image credit: Reuters/Dado Ruvic

Android malware skews Google Play ratings by installing apps

You're probably safe if you have a recent phone, but there have been over 1 million infections so far.

Malware writers haven't stopped trying to game app rankings through bogus app installs. Researchers at Check Point have identified a new strain of the longstanding Ghost Push malware, Gooligan, that has infected over 1 million Android devices to date and continues to grow (about 13,000 new infections per day). As with earlier code, attackers trick you into installing a Gooligan-based app through either a third-party app store or a phishing scam. Once it's on your phone, the software takes advantage of Linux kernel exploits to access your Google authorization token and install fraudulent apps, whether to boost their Google Play rankings or to generate money through ads.

You're probably safe. Google fixed the vulnerability in Android 6.0 Marshmallow and beyond, and you're unlikely to run into one of the malicious apps if you stick to downloading from Google Play. Also, Google observes that the apps aren't harvesting data or committing fraud beyond the Google Play ratings. If you're concerned, you can use a web tool from Check Point to verify whether or not Gooligan has abused your account.

The concern, as is frequently the case with Android malware, is that many people will remain at risk. As of this story, Google reports that only 24.3 percent of users it tracks are running sufficiently up-to-date versions of Android. Also, Google Play isn't always an option: users in China can't use Google Play, for instance, while others may have devices where the store app isn't installed. It may take a long while before enough people are up to date (most likely through new hardware) that malware like Gooligan is no longer effective.
