The malware, which researchers at the security firm Check Point have dubbed “Gooligan,” is reportedly used by attackers to gain access to Google Play, Gmail, Google Docs, Google Photos, and more.
Gooligan is said to be a variant of malware discovered by Check Point last year, which allowed attackers root access to Android devices through the use of up to 12 unique exploits. “We believe that it is the largest Google account breach to date, and we are working with Google to continue the investigation,” Check Point said in a blog post.
Google said it has taken “numerous steps” to protect its users from the malware, which is spread through a number of fraudulent apps, and “improve the security of the Android ecosystem overall.”
The number of devices infected continues to rise by 13,000 breaches per day, according to Check Point, which has created a tool that allows users to check if their accounts have been breached.