Google (NASDAQ:GOOGL) has been attacked, with millions of their users. There are no answers yet.

Your Google accounts might already be compromised if you are using an android phone. Check Point, a cyber security company said on Wednesday that the new variant of a malware named “Gooligan” has already infected more than a million accounts. The attack is not over yet. About 13,000 devices are getting every day.

Attack Most Rampant In Asia

It was also disclosed that most of these attacks are occurring in Asia. 57 percent of the affected devices are in Asia. 19 percent of them are in the Americas, while in Europe this is 9 percent. In Africa, 15 percent of the devices have been breached.

It seems that Gooligan is able to break into the older version androids more easily like the 4 and 5. These versions are still popular in Asia, Africa, and the Middle East.

Google (NASDAQ:GOOGL) have not commented yet on this attack. The business just issued a statement saying that they are working with Check Point to “investigate and protect users”. Check Point has confirmed this.

How Gooligan Works

The malware reportedly gets into mobile devices that run on android and ends up stealing information from Gmail, Google Docs, Google Photos, Google Drive Google Play, and G Suite. Originally, Gooligan was related to SnapPea, an app from 2015.

It gets installed in the system after users download apps from third party stores. It can also get installed when users click links accidentally in phishing attacks. Gooligan then connects to the malware’s main server and downloads a rootkit that allows the attacker to access the android device.

Michael Shaulov, who heads the mobile products security of Check Point said, “This theft of over a million Google account details is very alarming and represents the next stage of cyber-attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them”.

It also installs apps on the phones and rates them highly. The main purpose of Gooligan is to install adware for generating revenues for these apps. Reportedly, the malware is currently generating $320,000 every month.

Google users who believe their accounts have been hacked will have to do a process known as “flashing”. A certified technician or the mobile service provider can do this. Check Point has advised users to change their Google account passwords immediately after flashing.