Check Point reported at least 86 apps have been found to have traces of Gooligan, most of which appear legitimate and have been given artificially high ratings in the app store.
Once one of the infected apps is installed onto a user’s device, either from an app store or by clicking a malicious link, it begins collecting data about the device and reporting it to a command and control server—a centralized computer that issues commands to and receives reports from devices.
How to check / know if your account is hacked?
Check Point recommended in a blog post that people who suspect their devices may have been compromised (seen unusual pop-up ads on your phone lately?) should check to see whether their account has been breached by entering their email addresses at the following website: https://gooligan.checkpoint.com/.