- Here is the tool link: https://gooligan.checkpoint.com
A Gooligan infection starts with downloading an infected app from a third-party app store. Gooligan is a variant of Ghost Push, which Google has been aware of since last year. It only works on versions of Jelly Bean, KitKat, and Lollipop—all newer versions are patched. Upon being installed by the user, it downloads a root exploit like Towelroot to gain full access to the device. The malware copies the user's account token and sends it to a remote server, giving the malware authors full access to the account data.
Information from Android Police and Business Insider. Click on respective link for additional information.