Following the Judy malware, which affected around 36.5 million devices around the globe, a new piece of malware called Fireball, spread by Rafotech, a digital marketer from China, has reportedly affected over 250 million computers worldwide. It has converted over a quarter billion web browsers into ad-revenue generating engines and has infected 20% of the corporate networks around the world.
Fireball takes control of targeted web browsers and manipulates their traffic to generate ad revenue. It can also run any code on the victim's computer. It can download any file or, for that matter, further malware, which opens a serious security hole in targeted machines.
Currently, Fireball installs various configurations and plugins to boost the visibility of its advertisements. The primary goal of the malware is to track users' search behaviour and generate advertisements accordingly. The default search engines and home pages of the affected computers were seen to be replaced with fake ones. The fake search engines were capable of collecting users' private information with the help of tracking pixels.
According to Alexa's web traffic data, as many as 14 of these fake, unsafe web pages are among the top 10,000 websites worldwide. Some of them have even been in the top 1,000.
Fireball spread mainly through bundling. It installed itself on the user's machine alongside a wanted program such as Deal Wifi, Mustang Browser, Soso Desktop or FVP Imageviewer, without the user's consent.
According to an analysis by Check Point, there were 25.3 million infections in India (10.1%), 24.1 million in Brazil (9.6%), 16.1 million in Mexico (6.4%), 13.1 million in Indonesia (5.2%) and 5.5 million infections (2.2%).
With the help of this malware, Rafotech has the capability to spy on users, steal credit card credentials, patents and other sensitive data from the infected machines, and use them to its undue advantage.
Common signs of infection by Fireball include not being able to change the default home page, or finding browser settings that differ from the ones you set as default.
If you are a Windows user, you can get rid of Fireball by deleting the adware from the Programs and Features list, which can be found in the Control Panel. On Mac devices, you can use Finder to open the Applications folder and delete the suspicious applications.
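The check below is an added example, not part of the original article: it compares a Firefox profile's `prefs.js` against a known-good baseline to surface the home page drift described above. The baseline values, the sample file contents and the `.example` hostnames are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# One prefs.js entry looks like: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.*)\);\s*$')

def parse_prefs(text):
    """Parse Firefox prefs.js/user.js text into {name: value}."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments and blank lines
        name, raw = m.group(1), m.group(2).strip()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            prefs[name] = raw[1:-1]
        elif raw in ("true", "false"):
            prefs[name] = raw == "true"
        else:
            prefs[name] = int(raw) if raw.lstrip("-").isdigit() else raw
    return prefs

def hosts(value):
    """Firefox stores several home pages as one '|'-separated string."""
    return {urlparse(u).hostname or u for u in str(value).split("|") if u}

def settings_drift(baseline, current):
    """Return [(pref, expected, actual)] for prefs that differ from baseline."""
    findings = []
    for name, expected in baseline.items():
        actual = current.get(name)  # None: pref absent, browser default applies
        if name == "browser.startup.homepage" and actual is not None:
            same = hosts(actual) == hosts(expected)  # an extra host counts as drift
        else:
            same = actual == expected
        if not same:
            findings.append((name, expected, actual))
    return findings

# Constructed sample data; hosts under .example are placeholders.
BASELINE = {"browser.startup.homepage": "https://intranet.corp.example/",
            "browser.startup.page": 1}
SAMPLE_PREFS = '''// Mozilla User Preferences
user_pref("browser.startup.homepage", "http://search.portal.example/?src=hp|https://intranet.corp.example/");
user_pref("browser.startup.page", 1);
user_pref("browser.shell.checkDefaultBrowser", false);
'''

if __name__ == "__main__":
    for name, want, got in settings_drift(BASELINE, parse_prefs(SAMPLE_PREFS)):
        print(f"DRIFT {name}: expected {want!r}, found {got!r}")
```

A setting that drifts again after being reset is the stronger signal, since it means something on the machine keeps rewriting it.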
Here how you can