Zimperium users are safe from Gooligan.
A new threat, called Gooligan, which is a family of Android-based malware, has compromised more than 1M Google accounts — and many of those are enterprise users.
“Not surprisingly, a malware, spread in unofficial markets, can create real damage,” said Zimperium founder and CTO, Zuk Avraham.
Gooligan fully compromised the Android devices, providing the attacker with complete control over the accounts and data. Outdated versions of Android leave users vulnerable to malware such as this one and can also be risky to the Internet and to the carriers themselves.
However, there is no impact/risk to Zimperium users, as it uses two old exploits and Zimperium detects this threat without a signature. In fact, Zimperium applications detected Gooligan prior to it having a ‘name’. No further action is required by Zimperium customers and partners. Risk level = very low.
In order for enterprises to be safe, they must deploy a mobile threat defense (MTD) solution across their workforce. Many organizations rely on EMM solutions to manage policy compliance, but these products cannot detect or remediate cyber threats like Gooligan. With Zimperium in place, enterprises are safe from both known and unknown threats.
Note directly from zLabs: z9 engine detects CVE-2013-6282 & CVE-2014-3153 used by Gooligan without an update. No action is required by Z partners. Risk level: v. low.
