Fireball adware infecting nearly 250 million computers: CheckPoint research

CheckPoint researchers note that India is amongst the worst hit with an infection rate of 10.1 percent or around 25.3 million PCs.

Published Date
05 - Jun - 2017
| Last Updated
05 - Jun - 2017
 
Fireball adware infecting nearly 250 million computers: CheckPoin...

CheckPoint Researchers have discovered another adware nicknamed Fireball, that has reportedly affected around 250 million computers. The researchers claim that a Chinese digital marketing company named Rafotech is behind the spread of a new inter-connected adware family that is affecting millions of computers in the process.

According to CheckPoint's investigation, Rafotech has designed an adware capable of hijacking users' browsers with a sole purpose of redirecting the traffic to fake search engines. CheckPoint adds that these fake search engines do nothing but redirect the queries to either Google or Yahoo's search engines and and earn a commission in the process. "Fireball has the ability to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines, this creates a massive security flaw in targeted machines and networks," the researchers observed in their blog post. Rafotech is said to be spreading this adware by bundling it with legitimate software and not offering an opt-out option while installing the software. 

The report notes that India is the most affected country with around 25.3 million infected PCs or around 10.1 percent of all infections. Brazil is second with 24.1 million infected devices, while  Indonesia had 13.1 million infections. The US had over 5.5 million infected machines.

CheckPoint also notes that 20 percent of all corporate networks worldwide are affected by Fireball adware. Users can check whether they are a victim by opening their web browser and checking whether the homepage was set by you. Users should also check whether they can modify it and see if they recognize the default search engine. Infected users can uninstall the adware by heading over to Programs and Features list in the Windows Control Panel. On Mac, users can drag the suspicious file to trash by locating applications using the finder and then emptying the trash.

The new report further highlights that adware is affecting both PCs and smartphones. Last week, security researchers from CheckPoint discovered a malware named 'Judy', which infected Android smartphones via 41 apps, which were developed by a Korean firm.