Malware taking advantage of Android OS exploits, again: Gooligan

From what we can gather from Check Point’s blog post, Gooligan is an already well-known threat with a new name hinted by Google’s official statement. Rest assured this has and will be detected by Malwarebytes Anti-Malware for Mobile.

As Check Point pointed out, there are many devices still on the market with versions of the Android OS that are susceptible to exploits, such as VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153) used by Gooligan. These particular exploits work on Android OS versions 5 and below, which accounts for 74.4% of devices on the market according to Google at the time of this writing.

Unless Google creates patches to fix these holes in security on devices that take up a staggering amount of the market, malware will be created to take advantage of them. Will Gooligan be the last straw to push Google to create patches? Let’s hope so. Companies like Samsung and Motorola have been working with Google on efforts to push updates more frequently, so it seems there is hope.

If patches are created, the next step is getting users to install them, which is a whole other battle. If you do have an update sitting on your Android OS you may have neglected, now is as good a time as any to go ahead and update.

As always, be weary of third party app stores. As often the case, you get what you pay for on such stores. Be safe out there!


Nathan Collier

Full time mobile malware researcher, part time endurance athlete and world traveler. As nerdy about traveling as he is about mobile malware.