Malware Contaminating 250 Million Devices could be a ‘Catastrophe’
A new cybercrime operation originating in China has infected 250Mn computers and 20% of corporate networks worldwide.
Researchers at security software firm Check Point have discovered the Fireball malware, which is operated by Rafotech, a digital marketing agency based in Beijing. It acts as a browser hijacker, but can become a fully functioning malware downloader under the attacker's control. Check Point says the operation is linked to Rafotech, a Chinese firm that claims to provide digital marketing and game applications to 300Mn customers. Rafotech is allegedly using Fireball to manipulate victims' browsers, change their search engines, and scoop up user data.
Maya Horowitz, Check Point's threat intelligence group manager, says that it is not technically much more advanced than other malware, adding that "it is able to pull any other malware to the infected devices, so it has maliciousness".
Check Point researchers wrote in a blog post this week (1st June) that "many threat actors would like to have even a fraction of Rafotech's power." Ibtimes.co.uk reported on June 1st, 2017, that Rafotech did not immediately respond to a request for comment.
Although Rafotech is presently using Fireball for data collection and monetary gain, the malware provides a backdoor that could be exploited for further attacks. Once installed on a victim's machine, Fireball can also execute code on the device to steal information or drop more malware.
Fireball carries another threat: the fake search engine includes tracking pixels used to collect users' private information, so Fireball can also spy on its victims. Fireball has proven highly infectious, with a huge infection rate. The largest proportions of infections are in Mexico, Brazil, and India, and there are over 5.5Mn in the United States. Based on Check Point's global sensors, the percentages of affected corporate networks were much higher: hit rates in the US (10.7%) and China (4.7%) were alarming, and much higher still in Indonesia (60%), India (43%) and Brazil (38%).
The good news is that Fireball can be removed from PCs by uninstalling the adware via the Features and Programs list in the Windows Control Panel, or by using the Mac Finder function in the Applications folder on Macs.
» SPAMfighter News - 6/6/2017