‘Fireball’ Malware Infects 25 Mn PCs Globally, India ‘Worst Hit’

Fireball malware infected more than 25 million PCs globally. What is it and where did it come from?

Cyrus John
Tech News
Updated:
Fireball is a Chinese malware. (Photo: iStock)
i
Fireball is a Chinese malware. (Photo: iStock)
null

advertisement

After ‘WannaCry’ it’s now ‘Fireball’ malware that’s tormenting PC users across the globe. Researchers have recently discovered yet another malware that has infected more than 250 million PCs worldwide with India and Brazil being one of the worst affected countries. The malware has the ability to take over a browser on an infected computer and then run any code on these compromised systems.

Also Read: Judy Malware: Not As Big As WannaCry But Still a Threat on Android

What is ‘Fireball’ Malware?

Fireball is a malware that has been designed to remotely run any code on the infected machine, or download new malicious files. It’s potentially a serious malware which stays disguised in the machine. The malware can also manipulate web traffic of the infected PC in order to boost ad revenue for websites by the company behind the malware. In this process all your system’s data is compromised including your e-shopping details and pictures on your system. It very cleverly analyses the victim’s browser and switches the default search engine, be it Google or Yahoo with a fake one.

Also Read: WannaCry Ransomware: How It Enters Your PC & How You Can Save Data

Its Origin & Impact?

According to cyber security firm Check Point, a Beijing-based digital marketing firm called Rafotech is behind the attack.

India is the worst hit with 10.1% of the infections, followed by Brazil with 9.6%. According to cyber security firm Check Point, in India 25.3 million computers have been infected, in Brazil, this number is at 24.1 million, and Mexico is third on the list with 16.1 million infections. Only a fraction of the victims, with around 5.5 million PCs, are in the US.

ADVERTISEMENT
ADVERTISEMENT

How to Know If You Have Been Infected?

One way to find out whether your system is infected by Fireball or not is looking at the default home page on your browser, and checking the default search engine. If you are able to alter your default search engine then that’s a good sign, and if not… bad news. It is recommended to use an adware scanner on your default browser. Check Point has also mentioned a full list of indicators to check whether you have been compromised or not on their blog.

It is up to the users to be vigilant while surfing the internet and stay away from scrupulous download links which are bound to infect the system. Refrain from clicking any of these links and downloading unknown softwares.
Rahul Tyagi, VP, Lucideus 

Can Fireball Be Removed ?

Once you find the adware on your personal computer, Windows users can go to Programs and Features list in Windows Control Panel and uninstall the compromised application. MacOS users should use Finder, locate the application, and then trash the file. You should also uninstall any suspicious files or something you don’t remember installing in the first place. All extension tabs, add-ons and additional softwares which you do not use or need should be removed. This can help users get rid of Fireball.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: 05 Jun 2017,08:16 PM IST

ADVERTISEMENT
SCROLL FOR NEXT