250 million computers scorched by Chinese Fireball

Fireball hijacks browsers and can continually distribute malware.

If you're the unlucky sort, you may have caught yourself a virus - you and 249.99 million other people. 'Fireball', a new tool from China, turns computers into a malware sponge, taking control of browser search away from the user.

Check Point security is the firm with the warning, and it reckons that Fireball comes out of Rafotech, a large digital marketing agency based in Beijing, and that it is being used to hijack browsers for nefarious purposes.

The security firm says that once installed, the malware can do two things: allow for third party control and act as "a prominent distributor" tap for any additional malware

"Rafotech uses Fireball to manipulate the victims' browsers and turn their default search engines and home pages into fake search engines. This redirects the queries to either yahoo.com or Google.com," it said.

"The fake search engines include tracking pixels used to collect the users' private information. Fireball has the ability to spy on victims, perform efficient malware dropping, and execute any malicious code in the infected machines; this creates a massive security flaw in targeted machines and networks."

Fireball spreads by being bundled with software that the user might want which will make avoiding it difficult. It has so far, anyway. Check Point says that 20 per cent of corporate networks are infected, and 250 million computers across the globe.

The shonky search engines that Rafotech pumps out have some traction too, and according to Check Point 14 of them are in the Alexa top 10,000 websites and some are in the top 1,000.

"Ironically, although Rafotech doesn't admit it produces browser hijackers and fake search engines, it does (proudly) declare itself a successful marketing agency, reaching 300 million users worldwide - coincidentally similar to our number of estimated infections," adds Check Point.

"Although Rafotech uses Fireball only for advertising and initiating traffic to its fake search engines, it can perform any action on the victims' machines. These actions can have serious consequences. How severe is it? Try to imagine a pesticide armed with a nuclear bomb. Yes, it can do the job, but it can also do much more."