Gooligan comes from the Trojan Horse family of the hacking universe. The bug affects Android phones and tablets with apps downloaded in third party app stores, which often offer free alternatives to paid-for apps on Google Play. When it attacks a device, the malware poses as a legitimate app, and then installs software meant to breach your personal data, such as passwords and usernames. It's also been discovered to post fake reviews. The faulty apps are numerous, too, with as many as 30,000 infected by Gooligan, according to Check Point.
Forbes reports that Gooligan is at the center of a massive “advertising fraud scheme,” and has generated as much as $320,000 per month by forcing users to download certain apps. According to Check Point’s Michael Shaulov, researchers at the security firm were able to locate a remote server storing as many as 1.3 million Google account tokens.