Fireball Malware hijacks 25mn systems in India

Before the world could fully recover from the shock of the WannaCry ransomware, another one originating from China came knocking the doors. It has created gigantic waves in the information security space and even bigger waves for its victims. Known as "Fireball" the malware is expected to have infected more than 250 million computers worldwide. It has access to 20% of the corporate networks, with major infection centers in India, Brazil, and Mexico. This destructive software mainly intends to generate fake clicks and traffic for its creator, a Beijing advertising firm named Rafotech.

When installed, the software redirects a user’s browser to websites that copy the look of the Google or Yahoo search homepages. Thereon, these fake pages secretly gather private information of the user by using the tracking pixels.

Israel-based security firm Check Point has discovered this malware which has got India also in its wraps. According to the security firm, this malware infection has a surprisingly large scope and destructive potential.

According to Check Point, Rafotech may mass-harvest data from infected machines and sell it. The sensitive information might include credit card numbers, business plans and patents, among other things. With this malware on the rampage, every personal information might be at risk. In a statement, the firm emphaizes that the malware also has the ability to run any code on the victim's machine or download new malicious files. The company further describes ‘Fireball’ as "a pesticide armed with a nuclear bomb".

Check Point estimates that one in five corporate networks is globally infected with this malware. On the other hand, countries like India and Brazil have close to 25 million infected machines each. This malware has the potential to harm several million PCs across the globe and extend its claws into private information and bank account details. As many organizations have claimed Fireball may be the most dangerous malware in the history.