eScan’s precautions for Fireball

Fireball is a legitimate software since it is digitally signed by the very organization which has developed it. However, it also bundles up malicious binaries and browser extensions.

The ad-wares were never considered to be malicious, since their sole intention was to redirect traffic and bombard the user with advertisements, and furthermore, these ad-wares were always bundled with other legitimate software, so that unsuspecting users ended up installing them too. Fireball not just installs an ad-ware, but also manipulates the victims default browser search engine to fake ones, which in turn redirect the search query to Yahoo.com or Google.com. However, these fake search engines do a lot more than simple redirect, they track the users and they can spy on their victims too by dropping and executing malwares. Though adware installation by various software download applications are seen as an accepted practice by the end-users, it is a huge concern with its largest install base of more than 250 million devices worldwide.

eScan's Advisory suggests the following precautions to be implemented for such attacks in the ever-growing complex cyber threat landscape:

* eScan recommends using an ad-ware scanner to scan if there is anything wrong with the browser

* Once you found the ad-ware in the system, go to Programs and Features list in the Control panel of Windows OS to uninstall the program

* MacOS users should user finder to locate and uninstall the application. After that empty the trash to delete the compromised file

* Go to your browsers and explore tools and extensions to uninstall anything suspicious

* Do a regular check for any unauthorized or suspicious browser extensions and plug-ins to make sure your homepage and search engine are the ones that you have set

* Always opt for custom installation and then de-select anything that is unnecessary or unfamiliar