anup singh
anup singh
Aeronautical
05 Jun 2017

After WannaCry, Fireball infects 250 million machines worldwide - India among worst hit

Not even a month has passed and there is yet another malware attack after WannaCry ransomware. Check Point threat Intelligence and research team has recently discovered a new malware, going by the name of Fireball, which has already infected millions of computers all over the world; around 250 million machines and 20% of global corporate networks according to their speculations. Unlike WannaCry, Fireball has infected India (10.1%) the most, closely followed by Brazil (9.6%).

fireball_infections_malware

As soon as Fireball gets into your system, it takes complete control of your default internet browser turning it into a zombie. Once that's done, it starts running codes on the victim computer which in turn downloads even more malware, infected files and what not. It also has the ability to manipulate web traffic on your browser (of course, without your concent) which may lead to the boost in ad-revenues generated by the company behind this malware. Currently, Fireball uses plug-ins and additional configurations to do so, but that's not the end of what it can do.

Coming to who is behind this malware; according to Check Point the operation is run and managed by Rafotech, a large digital marketing agency based in Beijing. Although, Rafotech declines any claims of producing and spreading browser-hijacks, but have a look at these numbers first. 300 million user base, quite close to the approximate spread of the malware, rings some bells.

Check Point did take the liberty of comparing Firewall to a major threat in disguise. As of now, this malware/adware doesn't do much harm other than piercing through your search data and redirecting some of your searches elsewhere to generate some revenue for the company behind. But, it has all the tools to completely hijack a machine; not just the browser, the whole system! In the words of Check Point, "it's a pesticide attached to nuclear bomb".

Since, spreading adware is not considered a crime, one can't take any legal action against it. But, one can surely do some small checks to make sure their system is safe. See if you can change the default browser or not. If you are unable to do so, there are high chances that Fireball is in your system. Stop running behind free software, as this adware often comes bundled with such free packages. Lastly, remove anything from your system which you don't remember installing.

Source: Check Point
06 Jun 2017
I think it's just a gentle reminder to all the people that they need to keep their machines updated with the latest software. The same goes with every electronic device that you own. If your device notifies you that a software update is available, you need to install it.

Share this content on your social channels -

Only logged in users can reply.