EXECUTIVE SUMMARY

Yet another new strain of malware has emerged this week, this time a Chinese threat operation. Discovered by Check Point, the malware has infected more than 250 million computers worldwide.

Able to turn browsers into zombies, the malware has two main functionalities: 1) running code on victim computers–downloading any file or malware, and 2) hijacking and manipulating infected machines to drive web traffic to generate ad revenue.

Read the full story….

Dubbed Fireball, this malware follows on the heels of the recently discovered Judy malware. Like Judy, Fireball uses adware to drive fraudulent advertising click revenue. But, it doesn’t stop there.

Rafotech the digital marketing agency in China that is responsible for Fireball, uses the malware to manipulate victims’ browsers and turn their default search engines and home-pages into fake search engines–which include tracking pixels that collect users’ private information. Then, when searches are conducted, they are redirected to either yahoo.com or Google.com.

This gives Fireball the ability to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines. Check Point researchers believe this creates a massive security flaw in targeted machines and networks.

To dig deeper into the details, read Check Point’s blog post.