I don't think this is a problem for more recent phones. It's my understanding that "gooligan" is specifically targeting older, outdated versions of Android.
I believe it only effects phones running on Jelly Bean, Kitkat, and Lollipop. Newer versions of the OS(Marshmallow and Nougat) are not effected.
There is something that's important to understand about Android OS and the Android phones that run it. "Android" isn't "Android" isn't "Android".
Google owns Android. Google makes, or contracts to have made, several Android devices. The phones among these devices are called Nexus 5x, Nexus 6p(both older models), and the new Google Pixel phones. These phones run on google's software and google controls the updates completely. They get the monthly security updates to the Android OS system each and every month. These are the only Android phones that google controls directly.
Android itself is a OPEN SOURCE operating system that google licenses and distributes free of charge. It won't run a phone all by itself. It's a base software package. Other companies(Samsung, LG, Motorola, OnePlus, the list goes ever on and on....) take this base operating system and sort of "complete" it, for lack of a better term. It becomes their proprietary version of Android that is made to run specifically on that make and model of phone.
Here in lies a problem.
Google cannot update these phones. They can, and do, release a monthly security update to the base operating system, but it's up to the manufacturers of the phones(or sometimes the service providers as well) themselves to take this update and apply it to the specific build of Android they have created for your specific phone.
Hardly any of them bother.
At least past a certain point. Some of the major high end players, like Samsung, do a pretty good job of it on their newest, HIGH END models. They pretty much ALL fail to bother with it on lower end or aging models.
Apple doesn't really have this problem because their OS is the opposite of open source. They control all the hardware, as well as all the software. They also cost a small fortune.
I prefer Android phones, but it pays to understand the nature of this issue. For anybody that wants to learn more, I'd recommend reading articles about Android security by Jerry Hildenbrand over at Android Central(.com). This guy really knows his stuff and is one of the few people who actually cares deeply about the issue on a personal level. His articles are geared toward normal people, not just ultra-tech-geek squad.
http://www.androidcentral.com/monthly-security-patches-are-most-important-updates-youll-never-get
Now don't freak out and throw away your phone.
My 3rd Gen(2013) Motorola Moto G is still running on the December 2015 security patch. I'm not happy about it, but I'll put up with it for now because I'm cheap. I'll not use if for mobile banking though, even if the odds that I'll have a problem are really low.
