Save Your Computers From Being Gutted by Chinese Malware Fireball

This adware is targeting Asian countries to make money through advertisements in the browser
Save Your Computers From Being Gutted by Chinese Malware Fireball
Image credit: Pixabay
Entrepreneur Staff
Correspondent, Entrepreneur Asia-Pacific
4 min read

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

There are many types of malware that can make the systems vulnerable to their attack. Malware attack seems to make headline every month for all the wrong reasons. A few weeks back it was WannaCry ransomware attack that was in the news because it had infected over 150 countries and 200,000 computer systems worldwide. Recently, a security firm Check Point discovered that a high volume Chinese threat operation has infected over 250 million computers worldwide and 20 % of corporate networks. The installed Chinese malware called Fireball has taken over target browsers and turns them into zombies. The firm also said that the top infected countries by the malware are India (10.1%) and Brazil (9.6%)

The recent cyber attacks have again raised the topic of protecting the system against any kind of malware in the future. Entrepreneur India spoke to Manan Shah, Founder & CEO, Avalance Global Solutions and Mohan Gandhi, ‎CEO at Entersoft Security to understand how different Chinese Fireball is from WannaCry and steps to save the infected systems.

Malware's Key Purpose Is To Make Money Through Browser Advertisements

Gandhi explained that the Fireball malware is a threat to Indian consumers and it makes ad revenues by hijacking browsers of the users. Although Fireball malware is currently a browser hijacker, it has potential to be executed as a full blown malware to encrypt, control user machines remotely and even to launch DDOS attacks.

“Currently, India stands as the most affected nation by Fireball, as per Checkpoint records. Also, it makes sense for Fireball to look at targeting Asian countries predominantly as the malware's key purpose is to make money through advertisements in the browser. Run as a campaign directly or indirectly through Rafotech, all the advertising campaigns are targeting for ad impressions in Asia,” he said.

However, he further added that removing this malware is a pretty easy process.

“Users can manually remove infected malware from the Windows and Mac OS machines. Latest anti-viruses have updated malware signatures required for combating Fireball,” he said.

India Hasn’t Seen Any Cases Of Encryption From Fireball

As per Gandhi, WannaCry is significantly different from Fireball. WannaCry has shown significant losses to the users by encrypting the important information. Fireball takes over the browser by installing plugins to help digital agencies make money through adware.

“India hasn’t seen any cases of encryption from Fireball. There was extortion in WannaCry and Fireball doesn't necessarily ask ransom from users. It makes money on its own,” he added.

The New Adware Operates Silently

Shah feels the new type of adware is relatively difficult to recognize and tackle as users most often do not even realize its presence. The adware operates silently, by altering the search engine or the home page and while the changes are noticeable, users are likely to attribute it to the new design rather than treat it as a threat. Also, the nature of the adware, as it comes with licenses, makes it difficult to prove it as a threat and a hack.

Shah further shared tips in order to check if your system is infected with this malware or not.

 “Open your browser and check if the homepage or search engine has been changed automatically. If it has been changed then there are chances that your system is infected with the malware. In this case, go the Control Panel from Windows and select Programs and Feature list. Search for the suspicious looking adware from it and then delete it,” he explained.

He further stressed that the WannaCry Ransomware is a kind of cyber attack that involves hackers taking control of a computer system and blocking access to it until a ransom is paid. Whereas, the Fireball malware is designed to hijack browsers to change the default search engine and track their web traffic.

More from Entrepreneur

Grow Your Business at Entrepreneur LIVE! Join us on Nov. 16 in Brooklyn, NY, to learn from legends like Danica Patrick and Maria Sharapova, pitch our editors, meet with investors, and potentially walk away with funding!
Register here

One-on-one online sessions with our experts can help you start a business, grow your business, build your brand, fundraise and more.
Book Your Session

In as little as seven months, the Entrepreneur Authors program will turn your ideas and expertise into a professionally presented book.
Apply Now

Latest on Entrepreneur

My Queue

There are no Videos in your queue.

Click on the Add to next to any video to save to your queue.

There are no Articles in your queue.

Click on the Add to next to any article to save to your queue.

There are no Podcasts in your queue.

Click on the Add to next to any podcast episode to save to your queue.

You're not following any authors.

Click the Follow button on any author page to keep up with the latest content from your favorite authors.