As I was scrolling through my usual feed this morning consisting of ten different platforms with ten similarly guarded accounts, I came across the news that a recent malware exploit, dubbed “gooligan” compromised 1 million Google accounts. The exploit roots your phone (if it is running any flavor of android 4 or 5) and compromises authentication tokens. The process continues by installing unwanted apps to your phone linked to the malware, and rates them to raise the app’s reputation. People (not including myself thankfully because I run the latest OS [Nexus and Pixel users get special treatment]), then flocked to usual safe havens like haveibeenpwned.com or checkpoint.com to see if their details were compromised. If details were compromised, users have to evaluate their situation with a list of questions:
- How many accounts was my Google account linked to?
- Do I use the same information for multiple outlets?
- Why haven’t I changed my password in over two years?
- Did I feed my dog this morning?