Goodness gracious, great Chinese 'Fireball' malware infects 250m systems worldwide

A strain of Chinese browser-hijacking malware dubbed Fireball has infected 250 million computers. The malware takes over web browsers and turns them into zombies, security firm Check Point warns. Fireball is capable of executing any code on the infected machines, resulting in a wide range of actions from stealing credentials …

  1. alain williams Silver badge

    What operating systems ?

    The Check Point page only mentions MS Windows and Mac OS; I searched and various other pages said the same. I run neither, but it is a browser problem: so am I safe ?

    1. John Brown (no body) Silver badge

      Re: What operating systems ?

      From the article, IIUC, the infection is performed as part of the install of a downloaded program that the user has chosen to install, so the infection vector is similar to the pre-ticked "yes I want Yahoo Toolbar" option we see with other, legitimate installs, except in this case you don't even get asked. This strongly implies that the installer has to be able to execute on the target OS.

  2. Anonymous Coward

    "Check Point's data shows that 9.3 per cent of corporate networks in the UK have at least one machine with the Fireball adware on it, the same as in the US."

    Am I the only one who finds these numbers difficult to believe?

    1. Alumoi Silver badge

      Yeah, that's suspect. The numbers are too low.

  3. Your alien overlord - fear me

    adware is not a crime

    I beg to differ

    1. macjules

      Re: adware is not a crime

      Agree. Will gladly fund the cost of the bullet for Rafotech's CEO to the PRC if requested.

      1. frank ly

        Re: adware is not a crime

        The CEO of a Beijing based company is probably 'well connected', if only for survival purposes.

      2. Rich 11
        Joke

        Re: adware is not a crime

        Will gladly fund the cost of the bullet for Rafotech's CEO to the PRC if requested.

        This is a ridiculous reaction! No one person should have to bear the full cost of this crime.

        We could crowdfund the price of the bullet instead.

  4. Tom 38

    Devil's advocate

    How is this different to, say, AVG|Google|Yahoo|... Toolbar?

    * Hijacks your browser? ✓

    * Redirects search traffic to own servers to increase ad revenue? ✓

    * Side-installed alongside a desired program? ✓

    1. Ken Hagan Gold badge

      Re: Devil's advocate

      It isn't. We can thank Yahoo, Google and (perhaps worst of all, given their line of business) AVG for training end-users to believe that this sort of behaviour is acceptable.

      (BTW: still waiting for the AV product that has the balls to correctly identify drive-by installs of these as malware, and quarantine them accordingly.)

      (AND: you can add Java updates with their wretched Ask toolbar to the list as well.)

    2. Updraft102

      Re: Devil's advocate

      According to the original article, the difference is that it attempts to hide its presence and has no clear means of uninstallation as "legitimate" adware programs do.

      If you believe in legitimate adware, anyway, which I doubt any of us do.

  5. EnviableOne

    Anyone think this is a ploy to hype the "Let's keep personal info behind the Great Firewall" agenda?

  6. John 104
    FAIL

    Reg Fail

    Thanks for the article. Always good to be aware of new threat vectors.

    However, perhaps the next time you could write your own review instead of directly lifting the content, verbatim, from the referenced article.

  7. BumPuddl3

    More info required

    Thanks Reg, as usual, for ensuring us stressed sysadmins are aware of these threats to our users & livelihoods. However, I'd have to ask what privilege level is required for execution here? Is this an admins-only issue? Or does this leverage the user's write access to AppData, like a Chrome install? Any known bundles? Which OSes?

    Also I heartily agree with previous commenters when drawing likenesses with AVG, Yahoo and Google for their shiteware. Much like iOS, adware isn't illegal, but clearly immoral.
