Android Apps.

According to this article from CNET.com, the security firm Check Point has found a Trojan horse named Gooligan that is attacking 13,000 Google accounts every day. CNET.com says that over a million accounts have already been hit.

The attacks aren’t meant to necessarily steal information, but they are rather an elaborate scheme to make big bucks off of in-app ads. Gooligan, which is part of a group of malware known as Ghost Push, pretends to be legitimate apps which once downloaded to an Android phone are then used to install other apps. Some of the known “bad-apps” are StopWatch, Perfect Cleaner, and WiFi Enhancer.

Adrian Ludwig who works for Google in Android Security authored a blog post on November 29th about the issue, stating that they have “revoked affected users’ Google Account tokens and provided simple instructions so they can sign back in securely. We have already contacted all users that we know are affected.” You can read the blog post in its entirety here.

As always, only download apps you are confident are safe. A quick Google search can usually turn up any known issues with questionable apps. Always better to do research first!