Simply put, Gooligan is a bad news for all the Android users. Discovered by the security researchers at CheckPoint Security Labs (the makers of the popular ZoneAlarm firewall and antivirus), Gooligan is a new malware campaign being run by cyber-criminals worldwide and has already succeeded in targeting more than a million of the Android devices. As per the report, Gooligan primarily targets only the devices running Android 4.x and Android 5.x. It works by rooting those devices using many different publicly known methods and then taking control of them.
But it does not limit itself to the rooting of Android devices and installing some of the malicious apps, it actually steals the passwords and login tokens to your Google account using which the cyber-criminals can easily access your Google account and all the various services linked to it. It even injects modules in Android Play Store so downloading an antivirus app does not really work that well.
As far as the Android device is concerned, it should be taken to the service center of your device manufacturer where they will re-flash the original ROM and remove all the changes made by the malware. If you know how to flash ROM in your device yourself, then you can also attempt to do the same.
But to check if your Google account is affected, you can use the web app Gooligan Checker created by the CheckPoint Security. You simply have to enter the email address associated with your Google account and click on the Check button. In a fraction of the second, you will be notified if your Google account was breached or whether you are safe.
In any case, you should take the precaution of installing a good antivirus app in your Android device. If possible, you should upgrade to the new Android Marshmallow 6.x or install some of the software patches on your Android 4.x or 5.x device. If no updates are available for your device, then it is time to buy a new Android smartphone – there are plenty of cheap ones available that run on Android Marshmallow or newer.
You can find more information about Gooligan at http://blog.checkpoint.com/2016/11/30/1-million-google-accounts-breached-gooligan/.