MANILA, Philippines – Google has confirmed that 1.3 million accounts have been compromised due to an ongoing hacking campaign that experts have labeled “Gooligan.”

The tech giant made the confirmation to CNNMoney on Wednesday, November 30, shortly after cybersecurity firm Check Point revealed the discovery. 

According to Check Point, which has been tracking the cyber-attack since last year, the hackers were able to gain access to the accounts by infecting Android phones through illegitimate apps. The hackers were able to harvest digital security “tokens” from the infected phones, which then allowed them access to photos, emails, documents and more.

Today, 13,000 additional devices are getting infected and compromised daily by the attacks. Check Point specifies that “Gooligan” affects Android 4 (Jelly Bean, KitKat) and 5 (Lollipop) devices, which comprise 74% of in-market devices today. For Philippine users, what’s more alarming is that 57% of the infected devices are located in Asia, with the number trickling down to 19% in the Americas, 15% in Africa, and 9% in Europe. 

These illegitimate apps are apps that are downloaded from unnofficial app stores, which routinely offer free, counterfeit alternatives to paid apps found on the official Google Play Store. The huge downside: as the “Gooligan” hacks have shown, the unofficial, unapproved apps could lead to security compromises, costing users more in the long run. 

What were the goals of the hackers? The hackers have not yet tapped nor stolen the information, says CNN. Instead, the hackers are doing what the media outfit calls a “criminal enrichment scheme.” The infected phones download other legitimate apps, then automatically rate them highly, thus increasing the apps’ reputation. The higher the app’s reputation is, the more likely it is that people will download it. 

The legitimate apps that have benefited from the fraudulent ratings have since been removed from the official app store, says Adrian Ludwig, the director of Android security at Google, in a blog post.  

The “Gooligan” malware has also been reported to install malicious advertising software that harvests user data that may be of value to marketers. 

Check Point has published a list of these illegitimate apps and their complete security report on their website. If you’re on Android, check your phone right away for the presence of the said apps on your phone. 

You can also check if your device has been compromised by using Check Point’s security check service at Gooligan.CheckPoint.com. To lessen the risks of having your Android phone hacked, avoid downloading apps from places other than the Google Play Store. – Rappler.com