Leftover computer virus threatens Internet access

July 6, 2012 12:56 am

If you suddenly find Monday that your computer can't access the Internet, you might be able to blame a gang of alleged cyberthieves from Estonia -- and the FBI.

In November, the FBI was part of an international effort to bust a ring that was charged with infecting millions of Windows-based personal computers with spyware that redirected requests for common Web pages to rogue sites. When officials took action, they also seized the servers that were handling those redirects.

Since then, the FBI has been running the seized systems as benign Domain Name System, or DNS, servers, which translate recognizable Web addresses into the numeric designations for Internet sites. But the FBI will turn them off Monday, and the hundreds of thousands of computers that remain infected with the DNS Changer malware, which still send their lookups to those servers, won't be able to access the Internet.

Chris Bronk, a fellow for IT policy at the James A. Baker III Institute at Rice University in Texas, said this is the first time the FBI has continued to run the servers seized from cyber criminals. "It comes down to the public good," he said. "Some federal agency has to step in and do this."

It could have been much worse. At its peak, the gang controlled as many as 4 million computers, 500,000 of them in the United States, according to the FBI. Because of the large number of infected machines, the FBI opted to continue running the servers.

Since then, the number of infected PCs has fallen to about 300,000, thanks largely to a massive education campaign and alerts posted by sites such as Facebook and Google. At Google, for example, people searching from infected machines have been shown a warning along with their results.

You can check to see if your PC is infected by going to www.dns-ok.us. If your PC has the DNS Changer malware, you'll be provided links to resources to remove it.

Even with alerts from Google and publicity about Monday's shutdown, there will be some computers that remain infected when the servers are turned off.

The DNS Changer seizure sets a new precedent, and Mr. Bronk said the FBI may not be the appropriate agency to handle this situation. The Department of Homeland Security also has jurisdiction over national computer security, he said, but there may be a need for a new agency dedicated to cyberissues.


First Published July 6, 2012 1:04 am