Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Fireball Browser Hijack Impact Revised After Microsoft Analysis

    By
    SEAN MICHAEL KERNER
    -
    June 22, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Fireball

      On June 1, security firm Check Point reported that a browser hijacking operation called “Fireball” had already claimed 250 million victims. According to a Microsoft analysis published June 22, Check Point’s estimate of the number of victims was “overblown” and the attack is not nearly as widespread as initially reported.

      The Fireball attack is a browser hijacking that is potentially able to download malware onto victims’ systems, as well as manipulate pageviews and redirect search requests. Check Point’s initial analysis claimed that Fireball was being bundled as part of free software downloads to unsuspecting users.

      “Indeed, we have been working with Microsoft on their analysis, feeding them with some additional data,” Maya Horowitz, group manager of threat intelligence at Check Point, said in a statement sent to eWEEK. “We tried to reassess the number of infections, and from recent data we know for sure that numbers are at least 40 million, but could be much more.”

      Microsoft claimed in its analysis that it has been aware of the Fireball issue since 2015. In particular, Microsoft’s analysis has found that the most prevalent malware used by Fireball are BrowserModifier:Win32/SupTab and BrowserModifier:Win32/Sasquor. According to Microsoft, its Windows users are protected from those threats by Windows Defender Antivirus and the Microsoft Malicious Software Removal Tool (MSRT).

      “Check Point used a simple formula to come up with an estimate that was based on incorrect assumptions which provided an overblown number,” a Microsoft spokesperson told eWEEK. “This was confirmed in the follow-up discussions.”

      Microsoft’s analysis reports that approximately 11,084,744 Fireball-related infections were detected and removed by Microsoft’s Defender and MSRT security technologies.

      “Any sum of these numbers will be an estimate, however, as we can detect the malware on the same machine multiple times over multiple months,” the spokesperson stated. “The sharp and continued drop in reports from MSRT over several months indicates reinfection rates were low.”

      Additionally, Microsoft claimed that Microsoft Edge browser users are not impacted at all by Fireball. Microsoft’s spokesperson said that is because the malware does not make changes that affect Edge’s settings. The spokesperson added that the impact to Microsoft’s Internet Explorer (IE) browser is extremely limited because a number of factors must be in place.

      Edge is the successor to IE and has benefited from multiple security innovations. It has also benefited from the broader security researcher community that has been contributing bugs to Microsoft as part of a bug bounty program.

      On June 21, Microsoft announced that since the Edge bounty effort began in August 2016 it has paid out over $200,000 in rewards to security researchers. The bounties were part of the Edge on Windows Insider Preview (WIP) bounty program that was not originally intended to be a time limited effort, but that is now changing.

      “This collaboration with the research community has resulted in significant improvements in Edge security and has allowed us to offer more proactive security for our customers,” Akila Srinivasan, security program manager at the Microsoft Security Response Center, wrote in a blog post. “Keeping in line with our philosophy of protecting customers and proactively partnering with researchers, today we are changing the Edge on Windows Insider Preview (WIP) bounty program from a time bound to a sustained bounty program.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×