<span id="hs_cos_wrapper_post_body" class="hs_cos_wrapper hs_cos_wrapper_meta_field hs_cos_wrapper_type_rich_text" style="" data-hs-cos-general-type="meta_field" data-hs-cos-type="rich_text" ><p>One criteria for the success of malware is its scope of distribution. Gooligan, a mobile malware, found in the app SnapPea that is <a href="http://www.androidfreeware.net/download-snappea.html">described</a> as a "one-stop shopping experience", has succeeded in this aspect. <a href="http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/">Check Poin</a>t reported that this malware has breached more than 1 Million Google accounts. This malware has been distributed through apps that are available in third party Android stores. In order to increase the number of downloads for these apps, and in turn the malware, there have also been phishing campaigns which contained download links, sent through various messaging services.</p> <!--more--> <p>In addition to its wide distribution, its pool of possible infected devices is wide due to the fact that it had been found to affect devices on Android 4 and 5 which includes a major portion of users.</p> <p>Additionally, it can employ click-fraud which is another direct financial benefit for the operators and who can gain root access on the device which is achieved by use of known exploit kits.</p> <p>ThreatSTOP customers are protected from <strong>Gooligan</strong> if they have the <strong>TSCrit</strong> targets enabled in their policy.</p></span>
![Bad Domain of the Week: D-D-Don't mess with ddd[.]com](https://www.threatstop.com/hs-fs/hubfs/ddd.png?width=600&name=ddd.png)
