‘Fireball’ Malware From China Hits 250M Devices

In the wake of security breaches and malware that grabbed headlines around the world, a new threat has emerged in recent days. As reported by Fortune Magazine, the cybersecurity firm Check Point stated that it had found malware that is “staggering” in its breadth and in the ways it can wreak havoc.

Dubbed “Fireball,” the malware traces its genesis to China and has made its way into 250 million computers around the world.

The malware exists chiefly to help create “fake clicks” and traffic for Rafotech, an advertising company based in China. It brings unwitting users to websites designed to look like the industry's marquee search home pages, such as Google. When users click through to those websites, the hidden malware gleans their private data. The malware is first installed through free software downloads, across offerings such as Soso Desktop. Rafotech's website is offline at this writing, but the company has in the past reportedly published mobile apps and games.

The malware is powerful enough that it can be used to control computers via third parties. That operation would act much like smaller bot-driven attacks that in the past have hijacked devices and shut down internet access for users. The threat is just that. As Check Point describes it, Fireball acts as “a pesticide armed with a nuclear bomb.”

The rate of infection, especially across Mexico, Brazil and India, has been pervasive enough that the malware has infiltrated as much as 20 percent of corporate networks globally, and Check Point has said this is the largest incidence of infection ever.