2 stories
today

Microsoft says the Fireball cybersecurity threat was ‘overblown’

The concern about cybersecurity is a serious issue that Microsoft takes into high priority. However, the reach of the Fireball malware attacks that have been spreading across the news this last month “might have been overblown” says the tech giant.

The sneaky malware is known for being an invisible ad-revenue generator, opening up web pages owned by the attackers and downloading software that encourages web browser manipulation. Much of the time, the malware is hidden behind legitimate downloads, bundled behind a file that would, for all intents and purposes, come up clean via many scanners.

Reports have been circulating that Fireball has infected nearly 250 million devices. Check Point, the cybersecurity firm that claims they first discovered the attacks, says that the scope of Fireball is “alarming” with 10.7% of business networks in the U.S. alone infected.

But Check Point might have to contend with the Redmond giant for the achievement. According to a recently released Technet blog post, Microsoft has been tracking Fireball since 2015 when it first cropped up. Since then, they have been combating and protecting against it.

As the group of malware and unwanted software families in the Fireball suite have evolved over time, so has our protection and defense against it. Windows users are protected from this group of threats through Windows Defender Antivirus and Microsoft Malicious Software Removal Tool (MSRT). As another layer of protection, Windows 10 S only allows apps that come from the Windows Store to run. None of these malware and unwanted software is present in the store, therefore Windows 10 S users are further protected from this threat group.

In an attempt to educate the masses about Fireball’s actual statistics, Microsoft released their information concerning the malware attacks. Check Point was supposedly estimating the size of malware based on the number of visits to the search pages through Alexa. But that means that the data isn’t fully accurate, Microsoft countered, explaining that not every device visited had an infection.

As Windows Defender AV narrowed down the Fireball suite, active threats across Windows OS computers began to drastically drop.

Microsoft states that their Windows 10 components have and continue to address the threat through higher security. Edge reportedly isn’t affected by the browser hijacking, and Windows Defender AV has been successful in cleaning up the threat. The best way to prevent malware attacks, they say, is to keep Windows and its tools up to date. Obviously.

Further reading: , , ,