After WannaCry, Fireball infects 250 million machines worldwide - India among worst hit
Not even a month has passed and there is yet another malware attack after WannaCry ransomware. Check Point threat Intelligence and research team has recently discovered a new malware, going by the name of Fireball, which has already infected millions of computers all over the world; around 250 million machines and 20% of global corporate networks according to their speculations. Unlike WannaCry, Fireball has infected India (10.1%) the most, closely followed by Brazil (9.6%).
As soon as Fireball gets into your system, it takes complete control of your default internet browser turning it into a zombie. Once that's done, it starts running codes on the victim computer which in turn downloads even more malware, infected files and what not. It also has the ability to manipulate web traffic on your browser (of course, without your concent) which may lead to the boost in ad-revenues generated by the company behind this malware. Currently, Fireball uses plug-ins and additional configurations to do so, but that's not the end of what it can do.
Coming to who is behind this malware; according to Check Point the operation is run and managed by Rafotech, a large digital marketing agency based in Beijing. Although, Rafotech declines any claims of producing and spreading browser-hijacks, but have a look at these numbers first. 300 million user base, quite close to the approximate spread of the malware, rings some bells.
Check Point did take the liberty of comparing Firewall to a major threat in disguise. As of now, this malware/adware doesn't do much harm other than piercing through your search data and redirecting some of your searches elsewhere to generate some revenue for the company behind. But, it has all the tools to completely hijack a machine; not just the browser, the whole system! In the words of Check Point, "it's a pesticide attached to nuclear bomb".
Since, spreading adware is not considered a crime, one can't take any legal action against it. But, one can surely do some small checks to make sure their system is safe. See if you can change the default browser or not. If you are unable to do so, there are high chances that Fireball is in your system. Stop running behind free software, as this adware often comes bundled with such free packages. Lastly, remove anything from your system which you don't remember installing.
Source: blog.checkpoint.com
As soon as Fireball gets into your system, it takes complete control of your default internet browser turning it into a zombie. Once that's done, it starts running codes on the victim computer which in turn downloads even more malware, infected files and what not. It also has the ability to manipulate web traffic on your browser (of course, without your concent) which may lead to the boost in ad-revenues generated by the company behind this malware. Currently, Fireball uses plug-ins and additional configurations to do so, but that's not the end of what it can do.
Coming to who is behind this malware; according to Check Point the operation is run and managed by Rafotech, a large digital marketing agency based in Beijing. Although, Rafotech declines any claims of producing and spreading browser-hijacks, but have a look at these numbers first. 300 million user base, quite close to the approximate spread of the malware, rings some bells.
Check Point did take the liberty of comparing Firewall to a major threat in disguise. As of now, this malware/adware doesn't do much harm other than piercing through your search data and redirecting some of your searches elsewhere to generate some revenue for the company behind. But, it has all the tools to completely hijack a machine; not just the browser, the whole system! In the words of Check Point, "it's a pesticide attached to nuclear bomb".
Since, spreading adware is not considered a crime, one can't take any legal action against it. But, one can surely do some small checks to make sure their system is safe. See if you can change the default browser or not. If you are unable to do so, there are high chances that Fireball is in your system. Stop running behind free software, as this adware often comes bundled with such free packages. Lastly, remove anything from your system which you don't remember installing.
Source: blog.checkpoint.com
Replies
-
Kaustubh KatdareI think it's just a gentle reminder to all the people that they need to keep their machines updated with the latest software. The same goes with every electronic device that you own. If your device notifies you that a software update is available, you need to install it.
You are reading an archived discussion.
Related Posts
The Telecom Regulatory Authority of India (TRAI) has just launched its MyCALL Android app on Google Play Store. Once the app is installed on the phone, users can rate their...
Research engineers from Rice University, Texas have developed an innovative pacemaker that ditches batteries and wires but uses microwaves to power itself. It can be implemented directly into patient's heart....
ZTE owned smartphone brand Nubia has launched a new smartphone in the Indian market. The Nubia Z17 Mini has arrived in India as an Amazon India exclusive. The Nubia Z17...
To continue our discussion from Layoffs are a reality; are you still sleeping? , I thought we should have a discussion on how to prepare for the worst. The bad...
When I'm writing my paper I hope I can know how much time it costs. If there is a small tool in Word which can record my start time and...