The security firm Check Point says it has found a malware infection of staggering scope and destructive potential. Originating in China, the “Fireball” malware package is believed to have infected more than 250 million computers worldwide and is present on 20% of corporate networks, with major infection centers in India, Brazil, and Mexico. Check Point calls it “possibly the largest infection operation in history.” The malevolent software appears to be mainly intended to generate fake clicks and traffic for its creator, a Beijing advertising firm called Rafotech. When installed, the software redirects a user’s browser to websites that mimic the look of the Google or Yahoo search homepages. The fake pages surreptitiously gather private information on the user using so-called tracking pixels. But Fireball also has the ability to execute commands remotely—including downloading further malicious software. Fireball’s creators (or third-party hackers who find a way to take control) could theoretically transition from ad-scamming to selling harvested data, or even harness infected machines into a globe-spanning botnet of immense destructive power.
View full story
ORIGINAL SOURCE: Fortune