Last November, a nasty Android malware named Gooligan affected over a million Google accounts and still continues to do so on vulnerable unpatched Android phones.
This malware basically uses Google user permissions to install ads and unwanted apps. There is a handy online tool that can check if your Android account is affected or not.
Go here and enter the Gmail account details. Then, click CHECK.
If all is ok, a notification will be shown indicating that the account is safe.
If breached, the only measures that can be taken are to completely flash the Android device (not even factory reset) and changing the account password (or make a new account altogether).
However, there are a few tips to prevent such Android malware :
- Use a separate, dummy Gmail account for device setup and app downloads.
- Don’t install apps from sources other than official Play Store.
- Uninstall apps that are not used and keep only those that are from trusted publishers.
Besides this, Google also offers an online security check-up tool to keep accounts safe.
It is a good practice to use such tools frequently to know of any potential breaches.