India Among Worst-Affected Countries by New ‘Fireball’ Malware
Fireball, a Chinese malware, has infected more than 250 Mn computers all over the world so far; India is the biggest victim of Fireball, followed by Brazil. At present, Fireball acts as adware, propelling traffic from infected computers to its website and generating ad revenue, according to the findings of Check Point Threat Intelligence.
According to a report published on Thursday, Check Point Software Technologies claims that the malware hijacks browsers and generates revenue for Rafotech, a digital marketing agency based in Beijing. Check Point calls this "possibly the largest infection operation in history," and added that it could be turned into a distributor of another malware family.
The malicious software seems to be primarily intended for generating fake clicks and traffic for Rafotech, its creator, an advertising firm based in Beijing. Once installed, the software redirects the user's browser to websites that mimic the look of the Yahoo or Google search homepages. Fortune.com, in a post dated June 3rd, 2017, also stated that the forged pages surreptitiously collect the user's private information by using so-called tracking pixels.
Researchers say that "Fireball has the ability to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines, this creates a massive security flaw in targeted machines and networks."
Check Point says that victims were infected with Fireball through stealth installs bundled with desirable Rafotech applications such as Mustang Browser, Deal Wifi, FVP Imageviewer and Soso Desktop.
The most threatening fact is that Fireball has been designed to run any type of programming code on an infected computer and to download files. It therefore has the ability to spy on the users of infected computers and to install more malware. This type of cyber spying could result in the theft of banking credentials, confidential data, and patents.
Because Fireball acts as adware rather than vicious malware, it carries a legitimate digital certificate. Luckily, disinfection is straightforward. Fireball can be removed from PCs by uninstalling the adware through the Programs and Features list in the Windows Control Panel, or by using the Mac Finder function in the Applications folder on Macs. Check Point further says that "users should also be removing malicious add-ons, extensions or plug-ins from their browsers."
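For administrators who need to check many Windows machines rather than open Programs and Features on each, the following added example (not from Check Point or the original article) searches the registry keys behind that list for the four bundling applications named above. The function name Find-BundlerInstall is hypothetical, and matching on DisplayName assumes the installers register under names close to those in the article.

```powershell
# Added example, not Check Point tooling. The application names come from the
# article; how each installer registers its display name is an assumption.
$BundlerNames = 'Mustang Browser', 'Deal Wifi', 'FVP Imageviewer', 'Soso Desktop'

# Registry locations that feed the Programs and Features list:
# 64-bit and 32-bit machine-wide installs, plus installs for the current user.
$UninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Find-BundlerInstall {
    param(
        [string[]]$Names = $BundlerNames,
        [string[]]$Paths = $UninstallPaths
    )
    # Compare with whitespace removed so "Deal Wifi" also matches "DealWifi".
    $needles = $Names | ForEach-Object { $_ -replace '\s', '' }

    foreach ($path in $Paths) {
        $entries = Get-ItemProperty -Path $path -ErrorAction SilentlyContinue
        foreach ($entry in $entries) {
            # Many uninstall keys (updates, components) have no display name.
            if (-not $entry.PSObject.Properties['DisplayName']) { continue }
            $flat = $entry.DisplayName -replace '\s', ''
            foreach ($needle in $needles) {
                if ($flat -like "*$needle*") {   # -like is case-insensitive
                    [pscustomobject]@{
                        DisplayName     = $entry.DisplayName
                        Publisher       = $entry.Publisher
                        InstallDate     = $entry.InstallDate
                        UninstallString = $entry.UninstallString
                        RegistryKey     = $entry.PSPath
                    }
                    break   # one report per entry is enough
                }
            }
        }
    }
}

$hits = @(Find-BundlerInstall)
if ($hits.Count -eq 0) { 'No matching Programs and Features entries found.' }
else { $hits | Format-List }
```

An empty result only means none of the named bundlers is registered for the machine or the current user; browser add-ons, extensions and plug-ins still need to be reviewed separately, as Check Point advises.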
» SPAMfighter News - 6/8/2017