Skip to main content

Could Fireball Malware Become the Next Mirai?

By: Mohammed Al-Moneer, Regional Director, MENA at A10 Networks

This month, researchers uncovered a malware strain believed to have infected more than 250 million computers globally. It is further believed that this malware is present on 20 percent of corporate networks.

Dubbed “Fireball,” the massive malware infection originated in China and has caused disastrous outbreaks in Brazil, India and Mexico. There’s the potential for Fireball to become more calamitous.

Security firm Check Point, which found Fireball, called it “possibly the largest infection operation in history.”

“…Fireball, takes over target browsers and turns them into zombies,” Check Point wrote. “Fireball has two main functionalities: the ability of running any code on victim computers – downloading any file or malware, and hijacking and manipulating infected users’ web-traffic to generate ad-revenue. Currently, Fireball installs plug-ins and additional configurations to boost its advertisements, but just as easily it can turn into a prominent distributor for any additional malware.”

Potential Devastation

What’s more startling, is that Fireball has the ability to execute commands remotely, including downloading further malicious software. This means threat actors could theoretically use the more than 250 million infected machines to launch a colossal and destructive botnet, that could rival Mirai.

The Mirai malware is blamed for the DDoS attack against DNS provider Dyn that knocked many of the web’s biggest sites offline last year; the 600-plus Gbps attack against Krebsonsecurity; and the attack against service provider OVH.

Attackers used the Mirai malware to take control of unsecured Internet of Things (IoT) devices, namely web-enabled cameras, to build botnets. This gave rise to the DDoS of Things and heralded a new era of DDoS attacks, which for the first time, exceeded the 1 Tbps threshold.

While Fireball itself isn’t a DDoS attack, an attacker could weaponize the compromised machines and use them to build a botnet that rises to the level of Mirai, especially considering infected PCs are far more powerful than hijacked webcams.

Maya Horowitz, threat intelligence group manager at Check Point, told Dark Reading that Fireball has the potential to be leveraged for a Mirai-style wave of gigantic DDoS attacks.

"In [Fireball's] case, each infected machine was its own, and someday all these machines could get the command to do something," Horowitz told Dark Reading. "Any risk you can think of; any code can run on these machines."

Fight Fire with Fire

The DDoS of Things is powering bigger, smarter and more devastating multi-vector attacks than ever imagined.

Fireball’s potential to become the next Mirai, or something worse, reinforces the need for protection from the DDoS of Things and IoT-fueled DDoS attacks.

DDoS attacks are damaging. Along with service disruption, they can have a lasting impact that harms your brand reputation, your revenue and your user experience. You need to fight back. If Fireball reaches Mirai status, you need a weapon against volumetric, multi-vector DDoS attacks. You need major firepower to stand up to the DDoS of Things.

Popular posts from this blog

Radisson Blu Hotel, Dubai Improves Guest Wi-Fi Coverage and Performance with Aruba Wireless Solutions

Radisson Blu Hotel, in Al Sufouh at Dubai Media City has recently deployed wireless infrastructure from Aruba, a Hewlett Packard Enterprise Company, to deliver secure, seamless, high-speed, wireless internet connectivity across its hotel rooms, suites and public areas. The implementation has resulted in improvement in rating of Wi-Fi services and drastic reduction in volume of IT help desk calls, besides the fact that the design of the Access Points (APs) blends seamlessly with the hotel aesthetics and AP management, monitoring and troubleshooting has become centralized and simplified.

Amazon.in launches “Smart Living Store”

How would it be if you could stream online videos or browse websites on your TV? How about a device that could measure your level of activity throughout the day? How would it be if a device helps keep your home secure? With the Smart Living Store you can find out! Amazon.in announces the launch of “Smart Living Store” - a dedicated store aimed at providing customers the one stop shop for all smart devices across various product categories.

Pi DATACENTERS Achieves Uptime Institute Tier IV Design Certification

Pi DATACENTERS, India, an enterprise class datacenter and Cloud service provider based at Amaravati, the new capital region of Andhra Pradesh, today announced that the company has been awarded Uptime Institute Tier IV Design Certification, achieving the highest standards for infrastructure, functionality and capacity as demonstrated on the design documents. To earn a Tier Certification of Design Documents, a facility is evaluated on mechanical, electrical, structural and site elements, and certified facilities also receive expert recommendations to enhance Operational Stability over the long-term.
“We are pleased to award Pi DATACENTERS with the Uptime Institute Tier IV Design Certification,” said John Duffin, Managing Director, South Asia, Uptime Institute. “Achieving a Tier IV Fault Tolerant Design Certification illustrates that the facility meets the highest standards for infrastructure functionality and capacity as demonstrated on the design documents. This ensures that plans are…