1 Million+ Google Accounts Compromised by Gooligan Malware

Credit: Bakhtiarzein | -
Credit: Bakhtiarzein | –

News is spreading across the internet that more than 1 million Google accounts have been compromised by a malware known as “Gooligan”. The Gooligan malware, which is a type of Trojan Horse, infects Android devices through infected apps that a user installs on their device. Once infected the malware than steals the users authentication key and has full access to the users Google account, including photos, email and docs. According to Google, the Gooilgan malware is a variant of malware that has been around since 2014, called “Ghost Push”.  Another variant of Ghost Push was found in SnapPea, an Android backup and sync application, last year by security researchers at Checkpoint. They are estimating that 13,000 new accounts are being compromised daily.

Read more

Massive DDOS caused outages for Twitter, several other major websites

It has been a rough day for Managed DNS provider Dynamic Network Services, more commonly known as Dyn, and many of their largest clients.  Their engineers have been combating a series of Distributed Denial of Service Attacks, or DDOS, targeted at the infrastructure that runs their popular Managed DNS products.  Dyn reported on their service status page that the attacks began at 11:10 AM UTC, and are primarily affecting the eastern United States.

Just when things seemed to calm down, another round of attacks was launched at 3:52 PM UTC, according to Dyn. The attack has made accessing or greatly the reduced functionality of many of the webs top websites and services including Twitter, Amazon, Spotify. A post over at  Gizmodo lists scores more according to a post over at  As of the time of this writing Dyn’s latest update posted at 10:00 PM UTC shows the following

“Our engineers continue to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure.”

This post was a common theme today their status page. It seems the woes for Dyn and its customers aren’t quite over just yet. The FBI and DHS are investigating this attack, expect more details to emerge in the coming days.

T-Mobile busted throttling unlimited data. Will pay 48M FCC fine.

The Federal Communications Commission announced that wireless carrier T-Mobile will is the latest carrier to be caught throttling heavy data using customers who subscribe to the companies “unlimited” data plans, without adequately informing the customers of this policy. The settlement was reached between the two parties, in a case where the FCC accused T-Mobile of violating the Commission’s Open Internet Transparency Rules, which were established in 2010. As a result T-Mobile has agreed to pay $48 Million in penalties and improve its disclosures and notification policies.

The problems for T-Mobile started when the FCC began receiving complaints from customers of T-Mobile, and its subsidiary MetroPCS that their unlimited data plans were being “de-prioritized”, or slowed. It was revealed that T-Mobile has a policy that the top 3% of data users will have their data slowed during peak usage times, with the slowdown beginning around 17 GB of data usage. The real problem is not the throttling itself as much as it is the fact that T-Mobile made great efforts to advertise its plans as “unlimited”, but did not make much of an effort to inform consumers of the “top 3% policy”

As part of the settlement T-Mobile will pay the US treasury $7.5M and will put together a 35M customer benefit program where  affected customers will be eligible for 4GB of free data, or a 20% discount on any phone accessory. In addition T-Mobile must invest around 5 million into programs that help economically disadvantaged students gain access to technology.