A malware campaign called Googlian has breached over 1 million Android devices, and continues to affect approximately 13,000 devices every day. The malware is capable of stealing a user’s authentication, which allows it to gain access to personal data from Google Play, Gmail, Google Photos and other platforms.
Googlian uses a Trojan horse attack, in which the malware poses as a legitimate app that is downloaded onto a user’s device. However, Googlian uses the data on a user’s phone effectively as a marketing scheme, and surreptitiously downloads additional apps onto the device. And, although Googlian has not yet targeted personal information for profit, advertisements located in the apps generate revenue for the hackers.
Google has stated that the Googlian apps come from third-party app stores, and not the company’s official Google Play store. As a result, Android users should delete any third-party apps from their devices and only download apps from the official store.