A new malware has been discovered by Check Point security researchers called “Fireball”, the malware succeeded to infect more than 250 million computers in a widespread campaign run by a Chinese digital marketing agency.
Fireball is an adware bundle that gets full control of the victim’s web browsers and switches them into zombies, also allowing attackers to spy on victim’s web traffic and steal their data.
The malware is spread by a big digital marketing company based in Beijing (called Rafotech). The company use the malware to manipulates the victims’ browsers to turn search engines and home pages into fake search engines, redirect queries to Yahoo or Google, and obtain victims’ private information via tracking pixels included in the fake search engines.
The company is using Fireball malware for generating profits by inserting advertisements into the browsers. Although the company (Rafotech) doesn’t recognize that it creates browser hijackers and fake search engines, it does (proudly) announce itself a successful marketing agency, by reaching over 300 million users all over the world.
Check Point advises users to remove the Fireball malware from PCs by uninstalling the adware using Programs and Features (control panel) in the Windows or use Mac Finder function in the Applications folder on Macs. Also remove the malicious add-ons, extensions or plug-ins from their browsers.