After WannaCry Ransomware annihilated hundreds of thousands of computers all around the world, we are witnessing the rise of another dangerous malware campaign named Fireball. Security firm Check Point Threat Intelligence discovered this high volume threat which has infected more than 250 million computers worldwide.
Originating from China, this malware has two main powers. It can run any malicious code on the victim’s computer. It can also hijack and manipulate infected users’ traffic to generate fraudulent ad revenue. The most infected countries are India (10.1%) and Brazil (9.6%).
You’ll be surprised to know that the overall Fireball malware operation is run by Rafotech, which is a large marketing agency in Beijing. The company uses Fireball malware to turn the home pages and default search engines of web browsers into fake ones.
Check Points calls browser-hijackers like Fireball hybrid creatures, which are half seemingly legitimate software and half malware. Please note that currently Rafotech uses Fireball only for generating fake internet traffic, but it can perform any typical action of a malware.
Submitted by: Arnfried Walbrecht