The malware dubbed Firewall has affected more than 250 million computers around the world.
The fake pages then secretly collect private information of the user using so-called tracking pixels.
Rafotech uses bundling in high volume to spread Fireball.
The most evident sign of an infection is finding your internet tool has been redirected to a new homepage.
How to find out if your system has been infected?
Are you able to modify it?
Are you familiar with your default search engine and can modify that as well?
Do you remember installing all of your web app extensions?
How do I remove the malware, once infected?
Some of the top search engines used by Rafotech are: trotux.com, forestbrowser.om, luckysearch123.com, and others.
For Mac OS users:
Use the Finder to locate the Applications
Drag the suspicious file to the Trash.
Locate and select any suspicious Add-ons.
c. hit the trash can icon to delete.
a. hit the Setting icon and select Manage Add-ons.
Locate and remove any malicious Add-ons.
a. nudge the Firefox menu icon and go to the Tools tab.
Select Add-ons > Extensions.
A new window opens.
c. Remove any suspicious Add-ons.
d. Go to the Add-ons manager > Plugins.
e. Locate and disable any malicious plugins
a. check that the web app is active.
b. poke the Safari tab and select preferences.
c. choose the Extensions tab.
d. Locate and uninstall any suspicious extensions.
In the On startup section, click Set Pages.
c. Delete the malicious pages from the Startup pages list.
d. Find the Show Home button option and select Change.
e. In the Open this page field, delete the malicious search engine page.
f. In the Search section, select Manage search engines.
g. go for the malicious search engine page and remove from the list.
a. snag the Tools tab and then select Internet Options.
In the Advanced tab, select Reset.
c. Check the Delete personal options box.
d. hit the Reset button.
a. turn on the net online gate Menu Bar by clicking the blank space near the page tabs.
b. poke the Help tab, and go to Troubleshooting information.
c. Select Reset Firefox.
a. go for the Safari tab and then select Preferences.
In the Privacy tab, the Manage Website Data… button.
c. poke the Remove All button.
it’s possible for you to read more about the malware by clicking on the source link below.
Source:Check Point
Read More
source: www.techworm.net
