More than a million Google accounts have been hijacked by "Gooligan" malware, according to the company and a cybersecurity firm. "The number continues to rise at an additional 13,000 breached devices each day," said cybersecurity firm Check Point, which discovered the attack and is working with Google to combat it. Hundreds of infected accounts belong to businesses rather than individual users, Check Point said Nov. 30. Gooligan steals authentication tokens — electronic identity codes for users — that "can be used to access data from Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more," according to Check Point. Infections occurred via "legitimate-looking apps on third-party Android app stores" and could also happen via "phishing scams where attackers broadcast links to infected apps to unsuspecting users via SMS or other messaging services," Check Point said. Aside from grabbing users' authentication information, the criminals behind Gooligan don't appear