Notebookcheck

Chinese "Fireball" malware infects almost 250 million computers

The Malware, developed by a Chinese digital marketing company, hijacks the victim's browser and can then steal their private information or install additional malware. (Source: Check Point Threat Intelligence)
The Malware, developed by a Chinese digital marketing company, hijacks the victim's browser and can then steal their private information or install additional malware. (Source: Check Point Threat Intelligence)
Chinese company Rafotech has been found to be responsible for the current epidemic of the "Fireball" malware, which has affected nearly 250 million computers worldwide. Fireball is usually installed by piggybacking on an installer of wanted software; it then hijacks the user's browser and can then proceed to do anything from spying to dropping additional malware.

The furor over the recent spate of cyberattacks such as the much reviled ‘Wanna Cry Ransomware’ debacle has barely subsided, and yet another potential mass threat that possesses great potential for mischief and mayhem has surfaced.

Cyber security company Check Point Software Technology’s Threat Intelligence and various research teams have discovered a Chinese origin rootkit-like malware named ‘Fireball’ that has the capability to hijack browsers as well as install plugins and other software to enhance its capabilities on the target machines.

At the time, its main purpose seems to be driving traffic to specific websites for the purposes of generating ad revenue. According to the researchers, Fireball seems to be serving the business and traffic monitoring needs of Rafotech, a sizable digital marketing agency operating out of Beijing, China.

It replaces homepages and redirects to fake search engines riddled with tracking pixels to monitor and track the infected machine and relay back vital statistics and personal information. What makes Fireball potentially much more dangerous is that it can easily install other software on an infected machine, which opens up a Pandora's box with more sinister implications.

Another particularly alarming fact about Fireball is that the estimated number of infected machines is put at a whopping 250 million and that includes machines in corporate networks. As for the geographical spread of the infections, according to Check Point’s global sensors, India, Brazil, Mexico and Indonesia rank very high. Of corporate networks, hit rates in the US and even China are dangerously high.

As for protection measures: as always, prevention is better (and much easier) than the cure. Extreme care should be taken while installing any dubious freeware or plugins whose exact origin and purpose is not known, and all security software and operating systems should always be updated in a timely manner.

Working For Notebookcheck

Are you a techie who knows how to write? Then join our Team! Especially English native speakers welcome!

Currently wanted: 
News and Editorial Editor - Details here

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2017 06 > Chinese "Fireball" malware infects almost 250 million computers
Hassan Arshad Chattha, 2017-06- 4 (Update: 2017-06- 4)
Douglas Black
Douglas Black - News Editor
Douglas Black is a technology analyst, teacher, writer, and DJ. He is also Managing Editor of UltrabookReview.