250M Devices with Fireballs Deemed ‘Overblow’ by Microsoft

250M Devices with Fireballs Deemed ‘Overblow’ by Microsoft

More than 250 million computers have been affected by fireball according to some security researchers, however Microsoft denies that by giving out a report of about 5 million computers only affected.

Unlike other researchers who argue that the virus spreads in the form of wildfire, Microsoft argues that it is in the form of smoke and mirrors and that the report released by some security researchers is not correct, instead Fireball’s spread may be overblown. Security company checkpoint discovered a Chinese operation earlier this month which infected more than 250 million computers with the same fireball. Fireball spreads via the bundling of software by keeping away downloads from sources such as pirated movies and games.

The WannaCry ransomware is overshadowed by the fireball at the infection rate hitting around 200,000 devices. Attackers had been applying the Fireball to remove traffic from victims to specific websites since it has the ability of hijacking the browser as well as downloading malware at a larger extent, a program likely to distort the smooth running of the computer system. This scheme was managed by Rafotech, a marketing agency in Beijing as reported by Check Point. It could distort the browser’s default search engine as well as homepage to untrusted page.

One of the untrusted or rather fake pages as captured by Microsoft’s screenshot resembled a Google ripoff and prioritized a search engine known as Trotux. WalaSearch, HohoSearch and StartPageing123 are examples of such fake search engines. Fireballs are described by Check Point as large malware breach a statement which is not accepted by Microsoft.

On Thursday, Microsoft gave out a report revealing that it had been studying Fireball since 2015 and had only seen an infection of about 5 million computers. Hamish O’ Dea from Windows Defender said that although the threat is real, the reported intensity has been exaggerated to a larger extent. Microsoft disagreed by issuing a statement that Check Point considered the figure of untrusted page visit to come up with 250 million instead of considering the number of devices hit by Fireball. Microsoft said that not all the devices which popes into the fake search engines are likely to be infected, hence consideration should only be placed on users visit.

Of the data obtained from the 500 million devices to bring about the 5 million Fireball infections, it was noted that the highest infection rate was in Brazil and India. The security company has accepted to cooperate with Microsoft in examining the result released by Check Point. Check Point’s Threat Intelligence Group manager, Maya Horowitz said that they tried to give out the figures of infections and from their initial data they could tell that more than 40 million infections existed, although the number appeared more than that.