Fireball, malware, flow chart, India, most affected, hacking, cyber security
[Representational Image] After WannaCry ransomware, Chinese Fireball malware strike the world; India worst-affected In Picture: back-lit PC keyboardReuters

Before the world could fully recover from the WannaCry ransomware bug, another deadly malware dubbed as Fireball has emerged with the potential to make several million PCs across the globe vulnerable to hacking.

Online security watchdog Check Point, which is credited for discovering infamous Judy malware in Android devices, has found another malicious Fireball firmware affecting more than 250 million computers across the world and 20 percent of all the global corporate networks. Interestingly, India, which is fast expanding its digital footprint, is said to be the worst affected.

Also read: Google releases critical anti-phishing update to Gmail for Android; Here's why you should get it right now

According to Check Point, over 250 million computers worldwide have been infected: specifically, 25.3 million infections in India (10.1 percent), 24.1 million in Brazil (9.6 percent), 16.1 million in Mexico (6.4 percent) and 13.1 million in Indonesia (5.2 percent). The United States has witnessed 5.5 million infections (2.2 percent).

Fireball is said to be created by Chinese ad corporation Rafotech to manipulate users' browsers on the computer to get false clicks and promotion for its clients online.

How does Fireball malware get into the PC?

Rafotech has reportedly partnered with some legitimate software firms and has managed to get the consent to load its Fireball malware mostly via bundling i.e. installed on victim machines alongside a wanted program but without the user's consent.

What Fireball malware does to the PC?

Rafotech uses Fireball to manipulate the victims' browsers and turn their default search engines and home pages into fake search engines. This redirects the queries to either or The fake search engines include tracking pixels used to collect the users' private information and web-traffic to generate ad-revenue.

Fireball, malware, flow chart, India, most affected, hacking, cyber security
This is how Fireball enters the PC and runs fake search engine and also spy on victims' PCsCheck Point

Should you be worried over Fireball malware?

Yes, users must be very wary of Fireball malware. Though, it is currently operating as browser hijackers to get false clicks and forcefully divert the user to its client's webpage. It has potential to turn into a full-functioning malware downloader and is capable of executing any code on the victim machines, resulting in a wide range of actions from stealing credentials to dropping additional malware. This creates a massive security flaw in targeted machines and networks, Check Point report said.

How to protect your PCs from Fireball and other malwares?

  • Always keep to your PCs updated latest firmware; most software companies including Microsoft and Apple usually send software updates regularly in terms of weekly or monthly, always make sure to update them immediately
  • Make sure to use premium Anti-virus software, which also provides malware protection and internet security
  • Never ever open email sent from unknown senders
  • Never ever install plugins (for browsers) and application softwares on the PCs from un-familiar publishers

Also read: Here's US Homeland Security and FBI-approved steps to improve cybersecurity

Watch this space for latest news on cyber security and more.