A new type of malware is doing the rounds, and it has already infected 1 million Android devices. Dubbed Gooligan, this malware roots Android, giving the hackers full control of people’s devices, according to security firm Check Point Software Tecnologies.

A Gooligan infection starts with downloading an infected app from a third-party app store. Gooligan is a variant of Ghost Push, which Google has been aware of since last year. It only works on versions of Jelly Bean, KitKat, and Lollipop—all newer versions are patched. Once infected, devices give hackers access to the users’ Gmail, Google Photos, Docs, Drive and other Google services accounts.

Check Point reported that 57 percent of those hacked are in Asia, but 19 percent are in America and 9 percent are located in Europe. According to Google’s latest data from earlier this month, that amounts to 74 percent of all Android users.