TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
OpenAI Expands Enterprise AI Strategy With Major Hiring Push Ahead of New Business Offering 
Nasdaq Proposes Fast-Track Rule to Accelerate Index Inclusion for Major New Listings 
Toyota’s Surprise CEO Change Signals Strategic Shift Amid Global Auto Turmoil 
Instagram Outage Disrupts Thousands of U.S. Users 
CK Hutchison Launches Arbitration After Panama Court Revokes Canal Port Licences 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Ford and Geely Explore Strategic Manufacturing Partnership in Europe 
Nvidia Nears $20 Billion OpenAI Investment as AI Funding Race Intensifies 
Alphabet’s Massive AI Spending Surge Signals Confidence in Google’s Growth Engine 
Baidu Approves $5 Billion Share Buyback and Plans First-Ever Dividend in 2026 
Tencent Shares Slide After WeChat Restricts YuanBao AI Promotional Links 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
Prudential Financial Reports Higher Q4 Profit on Strong Underwriting and Investment Gains 
Once Upon a Farm Raises Nearly $198 Million in IPO, Valued at Over $724 Million 
SoftBank Shares Slide After Arm Earnings Miss Fuels Tech Stock Sell-Off 
Australian Scandium Project Backed by Richard Friedland Poised to Support U.S. Critical Minerals Stockpile 
SAN CARLOS, Calif., Nov. 30, 2016 -- Check Point® Software Technologies Ltd. (NASDAQ:CHKP) today announced its security researchers have revealed a new variant of Android malware, breaching the security of more than one million Google accounts. The new malware campaign, named Gooligan, roots Android devices and steals email addresses and authentication tokens stored on them. With this information, attackers can access users’ sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite.
“This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks,” said Michael Shaulov, Check Point’s head of mobile products. “We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them.”
Key Findings:
- Campaign infects 13,000 devices each day and is the first to root over a million devices.
- Hundreds of the email addresses are associated with enterprise accounts worldwide.
- Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74% of Android devices in use today.
- After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim.
- Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began.
Check Point reached out to the Google security team immediately with information on this campaign. “We appreciate Check Point's partnership as we’ve worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we’ve taken numerous steps to protect our users and improve the security of the Android ecosystem overall,” stated Adrian Ludwig, Google’s director of Android security. Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.
Check Point’s Mobile Research Team first encountered Gooligan’s code in the malicious SnapPea app last year. In August 2016, the malware reappeared with a new variant and has since infected at least 13,000 devices per day. About 57% of these devices are located in Asia and about 9% are in Europe. Hundreds of the exposed email addresses are associated with enterprises around the world. The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack messages.
Check Point is offering a free online tool that allows users to check if their account has been breached. “If your account has been breached, a clean installation of an operating system on your mobile device is required. This complex process is called flashing, and we recommend powering off your device, and approaching a certified technician or your mobile service provider, to re-flash your device,” added Shaulov.
Follow Check Point via:
Check Point Blog: http://blog.checkpoint.com/
Twitter: http://www.twitter.com/checkpointsw
Facebook: http://www.facebook.com/checkpointsoftware
YouTube: http://www.youtube.com/user/CPGlobal
LinkedIn: https://www.linkedin.com/company/check-point-software-technologies
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is the largest network cyber security vendor globally, providing industry-leading solutions and protecting customers from cyberattacks with an unmatched catch rate of malware and other types of threats. Check Point offers a complete security architecture defending enterprises – from networks to mobile devices – in addition to the most comprehensive and intuitive security management. Check Point protects over 100,000 organizations of all sizes.
INVESTOR CONTACT: Kip E. Meintzer Check Point Software Technologies +1.650.628.2040 [email protected] MEDIA CONTACT: Ali Donzanti Check Point Software Technologies +1.650.628.2424 [email protected]
