The infection occurs when a user downloads and installs a “Gooligan”-infected app on third-party app stores, or when users accidentally click on malicious links in phishing attacks. It sends data about the device to the malware’s main server and downloads a rootkit, which enables the attacker to gain control of the mobile device. The malware is more dominant in the older version of Android, namely 4 and 5. About 57 percent of the affected devices are found in Asia, 9 percent are in Europe, 15 percent are in Africa and 19 percent are in the Americas. Android device users who suspect their account might have been hacked will need to go through a process called “flashing,” done by mobile service providers or a certified technician. By introducing your G-mail address at https://gooligan.checkpoint.com/ you can know if your Google account was compromised by Gooligan malware.