All aboard the fail boat…

Millions of Android devices are getting hit by a new batch of malware called Gooligan.
Android ‘Gooligan’ Hackers Just Scored The Biggest Ever Theft Of Google Accounts
http://arstechnica.com/security/2016/11/1-million-android-accounts-compromised-by-android-malware-called-gooligan/
Gooligan malware roots 1M Android phones in “largest Google account breach to date”

As the Forbes article mentioned…

Once downloaded, Gooligan determines which Android phone it’s infected and launches the appropriate exploits to “root” the device – i.e. take complete control over it. To do that, the attackers have used long-known vulnerabilities, such as VROOT and Towelroot, on devices running Android 4 through 5, including Jelly Bean, KitKat and Lollipop. Together, those operating systems account for 74 per cent of Android devices in use today, totalling around 1.03 billion. Most infections (40 per cent) are in Asia, though 19 per cent are in the Americas, most of which are in North America, Shaulov said. Another 12 per cent are based in Europe.

And I bet you’re all asking why? Yeah… it’s because your Android device hasn’t received any critical software updates. This is why I switched to the iPhone. The reason… security updates and operating system updates.

To those that don’t know about all of this, let me inform you. Your device has two major software layers; the operating system and the apps that you use like Facebook, email, web browser, etc. What many people see as updates are just app updates, these aren’t patching issues with the operating system itself (Android). The problem is many devices don’t get these operating system updates. Think of operating system updates like Windows Updates. Well… your apps may have been updated but your operating system is still very very vulnerable to being hacked by hackers to steal your data.

I bet you’re asking why. Why doesn’t my device get these updates? Simple. Money. That’s right… money. Your carrier and your Android OEM (Samsung, LG, HTC, etc.) would much rather have you buy a new device instead. But here’s the kicker… if you buy that new device they’re only going to turn around and do the same thing that they did to your older device, that is… abandon it only to tell you to buy a new device instead. This keeps you forever on the upgrade treadmill because it makes them money, truckloads of money.

Now, you may have heard about something called the Apple iPhone. The difference between Android and iPhones is that when Apple came out with the iPhone they pretty much told the carriers (AT&T, Verizon, etc.) that they were going to do things their way. They were going to push the software updates themselves. This allows Apple is be able to push software updates to every iPhone across the world so that your iPhone gets the latest and patched iOS version the same day that everyone across the world gets it so that your device remains far more secure than any Android.

Security experts agree… if you care about security and that data on your phone, you buy an iPhone. They may be more expensive but in the end your device is getting supported by Apple unlike Android in which they don’t care about you.

Not only that but if you have a problem or question a simple trip to the Apple Store or a phone call to Apple is all you need, they will help you figure out what’s wrong and help you fix it. You don’t get that kind of safety net with Android devices.

  • Anonymous

    >This is why I switched to the iPhone.
    From one fail boat to the other…

  • Mr. Bill

    “This is why I switched to the iPhone. The reason… security updates and operating system updates.”

    Unfortunately android always has to be in the shadow of iOS, and doesn’t get the credit it deserves as a great OS, even if not as ‘perfect’. Look, I get what you are saying, except you could have switched to a nexus, pixel or installed lineageOS on older devices which gets the monthly patch. Also most big name phones do get at least quarterly updates and are reasonably protected by android security. Also, much of the attack surface of android is updateable via user space (play store), where as iOS requires a full OS update just for things like Safari and messages.
    iPhones cannot do some of the things I depend on (in the name of security, however I am a ‘big boy’ and can use common sense) and end up using the android phone, even though i currently have a iPhone 6 and a galaxy S5, the android OS in my opinion is ‘better’, functionally, even though iPhone is a nice device in its own ways.
    I do believe though that the average person can have no better advice than simply get an iPhone, where cost is not an issue. The world is much better off that ‘grandma’ is using an iPad/phone rather than a windows desktop PC. (Even the Mac – grandma still has the power to give permission to modify the OS itself)
    The point of security is keeping stuff out. So when someone goes into a big detailed description of what happens when the android malware is on a device (a quick glance down always reveals a one sentence caveat that you have to sideload the offending malware apk file – yes there are occasional bad apps found and purged from the play store – same for apple) – i stop reading. Its like saying that the bank robber steals your life savings and ruins your life. Of course they would – the idea is to keep them out – its called security. Security does not prevent the existence of would-be bank robbers/malware. We know why android malware exists – because of the supposed 20,000 ‘third-word’ non-google approved (yet perfectly allowed) android compatible forked devices. There is not this opportunity for iOS, as so few are jailbroken. But like I said, the world is a better place if people are using iPhones (or any smartphones) rather than desktop computers. You cannot stereotype the android OS based on what happens with particular insecure device(s) somewhere in the world.