Chinese Malware 'Fireball' Turns Computers to Zombies; Here's how to Save Infected Systems

By Prei Dy, | June 05, 2017

Chinese malware Fireball has reportedly infected more than 250 million computers across the globe. (YouTube)

Chinese malware Fireball has reportedly infected more than 250 million computers across the globe. (YouTube)

Security firm Check Point has discovered that a Chinese malware, called Fireball, has already infected more than 250 million computers worldwide, and at least 20 percent can be found on corporate networks.

According to Check Point, the new threat is designed to carry out unauthorized attacks on infected computers such as illegally downloading files and more malware, and installing "plug-ins and additional configuration to boost its advertisement." Fireball could also hijack browsers to change the default search engine and trace their web traffic on behalf of Beijing-based digital marketing firm called Rafotech, WIRED.com reported.

Like Us on Facebook

"A quarter-billion computers could very easily become victims of real malware. It installs a backdoor into all these computers that can be very, very easily exploited in the hands of the Chinese people behind this campaign," Maya Horowitz, head of Check Point's research team, said.

Most of Fireball's targets are from India and Brazil, with an estimated 25 million infected machines each. So far, US has reported around 5.5 million infected PCs. Fireball allows its administrators to convert their ad-revenue generation audience into a botnet or gain credentials. But Horowitz believe the attack is not solely for monetary gains.

Check Point also warned that the Fireball malware displays "digital certificates," giving a legitimate appearance. It is bundled along with other applications, programs, and even popular freeware products like Soso Desktop, FVP Imageviewer, to name a few. The report from Check Point said that regular users could not uninstall the malware and pointed out that the company is aware that "adware distribution is not considered a crime."

While prevention is better than cure, here's how people could remove the Fireball malware from their PCs.

For Windows users, after finding the adware on the computer, head to Programs and Features list in Windows Control Panel. Click the uninstall button for the compromised applications. MacOS users should use the finder, look for the application, and then hit trash. Then users should empty the trash or recycle bin to delete the files.

However, all the compromised files may not always appear on the list. So users should scan and clean their computers using an anti-malware adware cleaner. Users should also check and review their preferred browser, tools, add-ons, and extensions, and uninstall anything suspicious.

©2024 Telegiz All rights reserved. Do not reproduce without permission
Real Time Analytics