New Chinese 'Fireball' malware infects 2.5 crore computers in India

New Chinese 'Fireball' malware infects 2.5 crore computers in India

New Chinese 'Fireball' malware infects 2.5 crore computers in India

While enterprises across the globe are still recuperating from the massive "WannaCry" malware attack, security firm Check Point has warned of a new outbreak that has already infected 250 million computers worldwide with India among the worst-hit countries.

Web tracking adware that a Chinese marketing company has installed on millions of PCs could be used to steal passwords, leak data, or install malware.

Fireball can run any code, download any file/malware, hijack and manipulate victim's web-traffic to generate ad-revenue. A user's default search engines and home pages are replaced with fake sites, which can track and collect private information. Fireball has infected more 250 million computers worldwide, with 20 percent occurring on corporate networks.

"Currently, Fireball installs plug-ins and additional configurations to boost its advertisements, but just as easily it can turn into a prominent distributor for any additional malware", blogged the researchers.

Vladimir Putin denies US intelligence claims, says hackers can be anywhere
The FBI is in the midst of an investigation into alleged ties between the Trump campaign and Russian election meddling. What's an ambassador supposed to do? Putin said. "He's paid for holding meetings, discussing current affairs".

These fake search engines do nothing more than divert search queries through Google and Yahoo's affiliate programs, earning the Chinese company a commission.

The new threat called "Fireball" is created to hijack browsers to change the default search engine and track their web traffic on behalf of Beijing-based digital marketing firm called Rafotech, reported on Friday. "But it is able to pull any other malware to the infected devices, so it has a maliciousness". While the United States was on the low end at 2.2 percent, it still witnessed 5.5 million hits. It's spread mostly through bundling: installed on the victim's computer packaged with a desired program - often without a user's consent. "The malware and the fake search engines don't carry indicators connecting them to Rafotech, they can not be uninstalled by an ordinary user, and they hide their true nature", they wrote.

Rafotech carefully walks along the edge of legitimacy, knowing that adware distribution is not considered a crime like malware distribution is. "These actions can have serious consequences".

Check Point said that Fireball is highly sophisticated and and utilises "quality evasion techniques, including anti-detection capabilities, multi-layer structure and a flexible C&C".

New Zealand coach Steve Hansen questions Lions' tour schedule
But as they strolled around London , introducing themselves to one another, there was a quiet confidence among the class of 2017. The rollercoaster domestic season had to be consigned to a previous life, as all four unions came together under one badge.

The signs of the infection are that the user opens their browser to a home page not of their choosing, and they can not alter.

They recommend the use of adware scanners as well.

"Ironically, although Rafotech doesn't admit it produces browser hijackers and fake search engines, it does (proudly) declare itself a successful marketing agency, reaching 300 million users worldwide - coincidentally similar to our number of estimated infections", adds Check Point.

Steve Kerr intends to 'coach for a long time' despite back
He is one of the best shooters I have ever seen. "It has been a great motivating factor", Warriors guard Stephen Curry said. For pure star power, these NBA Finals between the Warriors and Cavaliers are like a front row at the Academy Awards.

Related news