Malware attacks have lately been on a rise. Malware is a malicious file, program or software that is harmful for your digital equipment. Malware can be computer viruses, worms, Trojan horses and spyware. Once these malicious programs get installed in your system, then they can perform a variety of harmful functions, including stealing, encrypting or deleting sensitive data, altering or hijacking core computing functions and monitoring users’ computer activity without their permission. Previously, a similar ransomware named WannaCry targeted computer networks worldwide. WannaCry ransomware targeted more than 2 million systems worldwide. But this time the new malware called Fireball, has successfully targeted around 250 million of systems worldwide. The latest research by Check Point, has revealed that Fireball is a malware or an adware package that takes complete control of victim’s web browsers and turns them into zombies, potentially allowing attackers to spy on victim’s web traffic and steal their data. Fireball’s malicious code has been allegedly designed to hijack browsers in order to change their default search engine, and track their web traffic. The Check Point research also revealed that malware is spreading through freeware.
What is ‘Fireball’ Malware?
Fireball is a malware or adware that has been designed to remotely run any code on the infected machine, or download new malicious files. According to Check Point, the malware has been created by Rafotech, which is a digital marketing agency based in Beijing. Fireball may come into a system bundled with a variety of other free software programs that you download from the Internet. Once a software is installed, the malware installs browser plugins to manipulate the victim’s web browser configurations and replace their default search engines and home pages with fake search engines (e.g.trotux.com). In this process, all of your system’s data is compromised. This may include your e-shopping details, pictures and various other sensitive data.
India is adversely affected by Fireball
According to security researchers, over 250 million computers are infected worldwide of which, 20 percent are corporate networks. Following countries have been majorly affected by Firewall malware:
- 25.3 million Infections in India (10.1%)
- 24.1 million In Brazil (9.6%)
- 16.1 million In Mexico (6.4%)
- 13.1 million In Indonesia (5.2%)
- 5.5 million In US (2.2%)
How to check for Fireball yourself?
One can easily find out whether his system is affected with this malware or not by following the steps mentioned below:
- Check your browser for your default search engine; if your default search engine appears to be changed for ex: so-so desktop, then your system is possibly affected by this malware.
- Try to change default search engine; if you are able to alter your default search engine in that case, you might be safe.
- Check plugins installed in your browser.
Cyber Security Mitigations
You can protect yourself from Firewall malware with following recommendation:
- Uninstall any malicious or unknown browser which appears to be installed in your system.
- Check your browser for unknown plugins and uninstall them.
- Always use Anti-Malware software or Adware cleaner software.
- Restore your Internet browser to its default settings.
- Always pay attention while installing software, as software installers usually include optional installs; don’t forget to deselect those options.
- Pay attention to advertisements that you may come across.
For Mac OS users:
Mac users can prevent this malware infection by keeping in mind the following:
- You can use the Finder to locate the Applications
- Once you find, drag the suspicious file to the Trash.
- Empty the Trash.