advertisement
After ‘WannaCry’ it’s now ‘Fireball’ malware that’s tormenting PC users across the globe. Researchers have recently discovered yet another malware that has infected more than 250 million PCs worldwide with India and Brazil being one of the worst affected countries. The malware has the ability to take over a browser on an infected computer and then run any code on these compromised systems.
Also Read: Judy Malware: Not As Big As WannaCry But Still a Threat on Android
Fireball is a malware that has been designed to remotely run any code on the infected machine, or download new malicious files. It’s potentially a serious malware which stays disguised in the machine. The malware can also manipulate web traffic of the infected PC in order to boost ad revenue for websites by the company behind the malware. In this process all your system’s data is compromised including your e-shopping details and pictures on your system. It very cleverly analyses the victim’s browser and switches the default search engine, be it Google or Yahoo with a fake one.
Also Read: WannaCry Ransomware: How It Enters Your PC & How You Can Save Data
According to cyber security firm Check Point, a Beijing-based digital marketing firm called Rafotech is behind the attack.
India is the worst hit with 10.1% of the infections, followed by Brazil with 9.6%. According to cyber security firm Check Point, in India 25.3 million computers have been infected, in Brazil, this number is at 24.1 million, and Mexico is third on the list with 16.1 million infections. Only a fraction of the victims, with around 5.5 million PCs, are in the US.
One way to find out whether your system is infected by Fireball or not is looking at the default home page on your browser, and checking the default search engine. If you are able to alter your default search engine then that’s a good sign, and if not… bad news. It is recommended to use an adware scanner on your default browser. Check Point has also mentioned a full list of indicators to check whether you have been compromised or not on their blog.
Once you find the adware on your personal computer, Windows users can go to Programs and Features list in Windows Control Panel and uninstall the compromised application. MacOS users should use Finder, locate the application, and then trash the file. You should also uninstall any suspicious files or something you don’t remember installing in the first place. All extension tabs, add-ons and additional softwares which you do not use or need should be removed. This can help users get rid of Fireball.
(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)