Gooligan is a mobile malware targeting Android OS devices, many of which are susceptible to long known exploits, such as VROOT (CVE-2013-6282) and Towelroot (CVE-2014-3153).
If you follow cybersecurity news, you may have heard of the latest Linux exploit referenced under CVE-2016-5195, which has been dubbed Dirty COW. The name is derived based on the exploitation of the copy-on-write (COW) mechanism in Linux.
We mobile researchers sometimes classify apps in order to warn users of its presence because of its potential harm, but leave it up to the users’ discretion to remove. This is the case when it comes to a subcategory of PUPs called monitors. Monitoring apps are those that can be great tools if you lose your phone, but could also be easily used to spy on an unsuspecting target.