Check Point reports that more than one million Google accounts were breached, and more than 13,000 accounts continue to be breached every day via compromised Android devices. http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/
Our research exposes how the malware roots infected devices and steals authentication tokens that can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more.
Check Point reached out to the Google Security team immediately with information on this campaign. Our researchers are working closely with Google to investigate the source of the Gooligan campaign.
The article also notes that Gooligan downloads a rootkit that takes advantage of multiple Android 4 and 5 exploits including the well-known VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153).
Historically, many comments were made about the dangers of monocultures, in particular the MS Windows monoculture. With the migration away from desktops to handheld devices, and with google dominating the field for both the platform (Android) and many services (GMail), there seems no reason not to believe that there'll be the same kind of monoculture-related issues for many more years.
(Score: 0) by Anonymous Coward on Thursday December 01 2016, @03:41PM
It's not so much the monoculture that's the problem, it's the fact that the handset manufacturers lose interest in the devices 10 minutes after they've been sold
You mean how Samsung offered Note 7 owners/fire victims a Samsung Whatever 8 once they come out as compensation? It's always about the next device and the next quarter's sales numbers (not even profit, but unit sales).