According to Alexa’s web traffic data, 14 of these fake search engines are among the top 10,000 websites, with some of them occasionally reaching the top 1,000.įigure 2: Fireball Global Infection Rates (darker pink = more infections) Hit rates in the US (10.7%) and China (4.7%) are alarming but Indonesia (60%), India (43%) and Brazil (38%) have much more dangerous hit rates.Īnother indicator of the incredibly high infection rate is the popularity of Rafotech’s fake search engines. The United States has witnessed 5.5 million infections (2.2%).īased on Check Point’s global sensors, 20% of all corporate networks are affected. According to our analysis, over 250 million computers worldwide have been infected: specifically, 25.3 million infections in India (10.1%), 24.1 million in Brazil (9.6%), 16.1 million in Mexico (6.4%), and 13.1 million in Indonesia (5.2%). The scope of the malware distribution is alarming. Top infected countries are India (10.1%) and Brazil (9.6%)Ģ50 MILLIONS MACHINES AND 20% OF CORPORATE NETWORKS WORLDWIDE INFECTED.The operation is run by Chinese digital marketing agency.installed on victim machines alongside a wanted program, often without the user’s consent. Fireball is spread mostly via bundling i.e.Fireball is capable of executing any code on the victim machines, resulting in a wide range of actions from stealing credentials to dropping additional malware. The malware, called Fireball, acts as a browser-hijacker but and can be turned into a full-functioning malware downloader.Check Point analysts uncovered a high volume Chinese threat operation which has infected over 250 million computers worldwide, and 20% of corporate networks.Fireball has the ability to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines, this creates a massive security flaw in targeted machines and networks. The fake search engines include tracking pixels used to collect the users’ private information. This redirects the queries to either or. Rafotech uses Fireball to manipulate the victims’ browsers and turn their default search engines and home-pages into fake search engines. This operation is run by Rafotech, a large digital marketing agency based in Beijing. Currently, Fireball installs plug-ins and additional configurations to boost its advertisements, but just as easily it can turn into a prominent distributor for any additional malware. Fireball has two main functionalities: the ability of running any code on victim computers–downloading any file or malware, and hijacking and manipulating infected users’ web-traffic to generate ad-revenue. The installed malware, Fireball, takes over target browsers and turns them into zombies. Check Point Threat Intelligence and research teams recently discovered a high volume Chinese threat operation which has infected over 250 million computers worldwide.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |