Chinese Fireball malware infects 250 million PCs worldwide – here’s how to check if your PC is infected


Security researchers are warning users about a dangerous new form of malware that has already infected 250 million computers worldwide.

The malware, dubbed Fireball, was discovered by CheckPoint security and is already present on 20 percent of world’s corporate networks, the company said.

According to security firm CheckPoint, Fireball takes over your internet browser and is capable of launching unauthorised tasks, like downloading files containing even more malware onto your machine.

It can also hijack your web traffic in order to generate fraudulent ad revenue.


Image: Checkpoint

CheckPoint says that Fireball is the creation of an infamous Chinese digital marketing firm called Rafotech, which uses the malware to take over your web browser.

Infected browsers will see the default search engine and homepage changed to fake ones that can collect private data on users.

These fake search engines can be difficult to spot as any queries search via the fake search engine redirect to a legitimate site but by that time it has already collected data on the victim.

Fireball works by installing a plugin that boosts the advertisements belonging to Rafotech, which generates fraudulent clicks and fake web traffic.

Fireball Global Infection Rates (darker pink = more infections)

Fireball Global Infection Rates (darker pink = more infections)

India, Brazil and Mexico are the countries with most infections of Fireball and there have also been 5.5 million infections found in the United States. It is not known how many infections are in Thailand but Check Point said there had been some instances of Fireball infecting computers in the kingdom.

While Fireball is currently being used to generate fake ad revenue, it has the potential to be used as full blown malware and could steal login details, passwords and other sensitive data from infected devices.

How to check if you PC is infected with Fireball

You should first open your web browser and if your homepage or search engine has been changed without you knowing then that could be the first sign your device is infected.

Another sign is the sudden appearance of some unusual browser extensions or advertisements whenever your browser is launched.

How to protect your PC from Fireball and other malware

Keep your device up to date – always make sure you are running the latest versions of software. Whenever the likes of Apple or Microsoft roll out a new update, make sure you install it.

Install a reputable or well known antivirus product on your PC. Mac users should also do this as cases of malware and ransomware being used to target Apple devices is on the rise.

Never install browser extensions or plugins from unfamiliar sources or publishers.

Never open and email, download an attachment or click a link from an unknown sender


Comments are closed.