Just when everything looks sorted regarding the WannyCry Ransomware attack that has been reported as one of the biggest Malware attacks that the world has ever seen as Security Researchers have started finding various ways of overcoming this huge Ransomware attack, another Malware has been reported, the new Malware that has been reported by Security Researchers which is known as "Fireball". According to the reports submitted by the CheckPoint, this Malware has been designed and developed with the purpose of getting control over the victim's browser in order to change the default search engine.
Check Point Threat Intelligence and research teams recently discovered this new threat and according to them, this new Malware has infected over 250 million systems all over the world.
This new Malware which is known as "Fireball" can be installed on an individual's system along with some other software, this process is generally called as "Bundling" when another program installed on victim machines alongside a wanted program, often without the user’s consent,and then can turn the user's browser into a zombie. There are two main functionalities have been uncovered by the security firm CheckPoint regarding "Fireball", first it holds the capability of running malicious code on user's computer by downloading various malicious files and secondly it also holds the ability of hijacking and manipulating the infected user's web traffic for generating ad-revenue.
This operation is run by Rafotech, a large digital marketing agency based in Beijing. Rafotech uses Fireball to manipulate the victims’ browsers and turn their default search engines and home pages into fake search engines. This redirects the queries to either yahoo.com or Google.com.The fake search engines then starts tracking the user's private information and later on this information can also be exploited to ask for ransom from the users as well.
According to CheckPoint top, infected countries from this Malware is India (10.1%) and Brazil(9.6%).
It is always advisable to download new Softwares and Programs from trusted sources, as stated above that this Malware is basically getting spread through the process of Bundling, so make sure when you guys install some new program in your systems, no unwanted program gets installed. The most simple way of checking whether this new Malware has infected your system is by checking whether your default search engine have been changed automatically or not.
No comments:
Post a Comment
Thanks for Your Time!