Dive Brief:
-
Researchers at Microsoft Windows Defender Research say researchers at Check Point Threat Intelligence miscalculated the number of computers affected by "Fireball" malware, according to a Microsoft blog.
-
Earlier this month, Check Point Threat Intelligence reported that malware called Fireball infected more than 250 million computers worldwide and 20% of corporate networks. But Microsoft researchers say they have been tracking Fireball since 2015, and that techniques Check Point used to estimate the size of the malware were flawed. Microsoft projects that the actual number of computers affected is closer to five million.
-
Microsoft said it asked Check Point to reexamine its data. But Check Point appears certain the number is more than five million, stating in a statement sent to eWeek that at least 40 million computers have been infected with Fireball.
Dive Insight:
The danger of Fireball is that it can hijack a browser and collect data for nefarious purposes, or implant malware on millions of machines.
Microsoft said newer versions of its browsers have security measures in place to protect users from Fireball. Users of Internet Explorer could still be infected, though specific circumstances must take place in order for that to happen.
Microsoft said Check Point estimated the size of the Fireball based on visits to the search pages, not through collection of endpoint device data, which gave it a much higher number.
Check Point is cooperating with Microsoft to reexamine its numbers, as both side as are still widely apart. This serves as a lesson in how negative reports can damage companies and vendors and lead to more research and refutes.
