Fireball – The Virus Which Can Hijack Your Browser

Safe & SecurityBrowserWeb Services

Beware of all the internet surfers; the Fireball virus is coming to compromise your security!! Your internet browser is at high risk, as the browser attacking nasty virus can take control of your browser and do whatever it want without your consent. It can even run malicious codes, download files and much more on your own machine without your knowledge.

After the dangerous WannaCry Ransomware attack which gave sleepless nights to millions of people worldwide, now another dirty virus called as “Fireball” is on attacking spree to make its victims around the world. As per the latest reports, the Fireball malware has already infected at least 250 million machines globally. The worst victims of this nasty virus are India and Brazil among the other list of countries.

What is Fireball- The Malware

According to the Check Point Threat Intelligence and Research team, this is a Chinese malware operated by a Beijing-based large digital marketing agency called Rafotech. They use this nasty virus to control the victim’s internet browsers. Once infected, the Fireball virus takes charge of the browser and converts the default search engines into a fake search engine. So, whenever the user searches anything it redirects to either or through their fake search engine.

There are tracking pixels to collect the private information using the fake search engines. This virus can spy, runs malicious codes and manipulates web traffic to generate advertisements revenue for their makers.

How it Controls Your Browsers

The Fireball virus once installed on your machine, the first thing it does is to take charge of your browsers. Then it replaces your search engines with a fake search engine to collect your private information. There are tracking pixels which can collect all your information that you enter in the various websites, such as your personal details, banking details, and other private data. That is not enough; it can also manipulate the web traffic to generate the revenues from advertisements for its makers.

Not only that, this virus has the ability to run malicious codes on your machine and even downloads any file or malware by its own without your knowledge. It installs malicious plug-ins and additional configurations to increase its advertisements revenue.

The Impacts of This Virus

As per the data from Checkpoint security firm, there are over 250 million personal computers are already infected with this Fireball virus. That is not all; around 20% of corporate networks are also affected by this nasty virus.

Let’s have a look on its impacts on various sectors across the world.

  • According to the Indian Computer Emergency Response Team (CERT-In), which is the nodal agency to deal with cyber security threats like hacking and phishing in India, has recently reported that India is the worst affected country by this Fireball virus among the other affected countries worldwide.

  • As per the advisory from CERT-In, this virus can be detected by some popular anti-virus software. So, it advised people to install the latest genuine anti-virus software in their machines to protect their browsers from this nasty attack.

  • The Virus Fireball currently installs plug-ins and additional configurations to increase its advertisements revenue, but it can be more dangerous when it will act as a facilitator for additional malware/adware in future.

  • As per the data reported in Checkpoint official blog, the top infected country with 10.1 percent of the total infections across the globe is India. There are over 25 million computers are infected in India itself, the worst hit country of this virus.

  • The second biggest victim of this nasty virus is the South American country – Brazil with 9.6 percent infected computers from the total infections worldwide. There are over 24 million computers are infected in Brazil. And then it followed by Mexico the third country in the list with over 16 million computers infected by this Fireball virus.

According to the Checkpoint security firm, the fake search engines installed by this Fireball virus are gaining its positions in top websites list. As per Alexa’s web traffic data, 14 of these fake search engines are positioned in the top 10,000 websites, while some of them also reach to top 1000 sometimes. That indicates how far this virus was already spread across the globe.

How Fireball Enters Into Your Machine

You may install this virus on your machine unknowingly while downloading free software or games. It may also come in bundled with some legitimate software.

According to Checkpoint, the Fireball malware is technically half malware and half legit software with proper digital certificates. Its makers Rafotech cleverly push this virus as software for advertising and initiating traffic to avoid any legal compulsions. So it can attack your browser while downloading any free applications, games or opening an attachment.

There is a saying that prevention is better than cure, it’s important to take precaution measures before you become the victim of this virus. Let’s have a look on some common prevention steps.

  • Use genuine Anti-Virus software along with Anti-Malware software and Adware cleaner software and keep them updated.

  • Do not click on untrusted banners, pop-ups or any other such notifications when you are not sure about their origins.

  • Neither visits any websites which are untrusted nor download or click on any pages of those sites.

  • Do not open email attachment received from untrusted sources.

These basic precautions measures can save you not only this virus but from any other such malware which is potentially harmful to your machine.

How to Ensures You are Safe

It is important to know whether your machine is infected or not, because without knowing that you cannot think of any solutions to get rid of it. So how can you ensure that your machine is not yet infected with this nasty virus? Let’s see some normal steps as prescribed by Checkpoint security firm to know whether you are the victim of Fireball virus.

  • Open your browser one by one and check all the default setting such as homepage, search engine, browser extensions and installed plug-ins.

  • Ensure that the search engines, homepage and other settings which you have chosen earlier is still there or any unexpected changes happened.

  • Try to change the homepage, search engines and observe whether you are able to change. In case you are not able to change them, then you are the victim of this Fireball virus.

In case you found any unknown plug-ins or extensions then try to uninstall them quickly. Also, you can take the help of some good anti-malware, adware cleaner software to perform a complete scanning to ensure you are safe from this virus.

Finally, the seriousness of this threat is more as because the victims may not know whether they are infected. You may be infected unknowingly and helping the virus makers in generating ad revenues. The Fireball browser hijacking virus is not only use manipulating web traffic data to generate ad revenue, it also capable of driving you to malicious sites, spying on your online activities and can become a distributor of other dangerous malware.

Published on 24-Jan-2020 07:30:46