Check Point reports that more than one million Google accounts were breached, and more than 13,000 accounts continue to be breached every day via compromised Android devices. http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/
Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.
Check Point reached out to the Google Security team immediately with information on this campaign. Our researchers are working closely with Google to investigate the source of the Gooligan campaign.
The article also notes that Gooligan downloads a rootkit that takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153).
Historically, many comments were made about the dangers of monocultures, in particular the MS Windows monoculture. With the migration away from desktops to handheld devices, and with google dominating the field for both the platform (Android) and many services (GMail), there seems no reason not to believe that there'll be the same kind of monoculture-related issues for many more years.
(Score: 2) by ikanreed on Thursday December 01 2016, @03:11PM
You're right. People are going to blame those poor hackers who are just victims of those evil people who leave the phones unsecured, begging to be hacked.
Just look at the patches they're wearing.