Fireball: Security researchers have discovered a huge new malware campaign that has infected more than 250 million computers worldwide, both Windows and Mac OS.
The malware is called Fireball. It is an adware package that takes complete control of the victim's browsers, turning them into zombies. This allows attackers to spy on the victim's web traffic and potentially steal their data.
The Check Point researchers who discovered this massive malware campaign have linked it to Rafotech, a Chinese company that claims to offer digital marketing and gaming applications to 300 million customers.
The company currently uses Fireball to generate revenue by injecting ads into browsers. This particular malware can quickly turn into a massive disaster with major cyber incidents worldwide.
Fireball comes bundled with other free software programs that you download from the Internet. Once installed, the malware installs plugins in the browser so that it can control it. It immediately begins replacing the default search engines and home pages with fake ones such as trotux[dot]com.
"It is important to remember that when a user installs free software, it does not mean that they are installing additional malware at the same time," say the researchers. "It is possible that Rafotech is using additional distribution methods, such as distributing free software under false names, or spam."
The fake search engine simply redirects the victim's queries to either Yahoo.com or Google.com and includes tracking pixels that collect the victim's information.
Fireball is not legal and can spy on the victim's web traffic. It can run any malicious code on infected computers, install plug-ins, or efficiently drop additional malware, which creates huge security holes in targeted systems and networks.
"From a technical point of view, Fireball exhibits excellent concealment and quality detection-avoidance capabilities, a multi-level structure and flexible communication with C&C, just like typical malware," the researchers said.
The Fireball adware hijacks user web traffic to boost advertiser revenue, but it also has the ability to distribute additional malicious programs.
"Based on the estimated contamination rate, one in five companies worldwide are vulnerable to a major breach," the researchers added.