11:22 am - Tuesday 26 May 2015

‘Internet blackbout’ set for 9 July: Check for Damaging Computer Virus

By staff - Wed Apr 25, 8:49 am

FBI Offers Unique Check for Damaging Computer Virus

More than half-million computers in the U.S. may have been infected by a bug that will interrupt Internet service when the FBI shuts down a temporary fix this summer.

In November, the FBI charged six Estonian nationals and one Russian national for engaging in a massive and sophisticated Internet fraud scheme that infected more than four million computers located in more than 100 countries with malware, according to an FBI press release.

Of the computers infected with malware, at least 500,000 were in the United States, including computers belonging to U.S. government agencies, such as NASA; educational institutions; nonprofit organizations; commercial businesses; and predominantly individuals.

The FBI is encouraging users to visit a Web site run by its security partner, DCWG (http://www.dcwg.org/), to determine whether they’re infected and explain how to fix the problem, the Times reports. After July 9, infected users won’t be able to connect to the Internet.

The DCWG is an ad hoc group of subject matter experts, including members from organizations such as Georgia Tech, Internet Systems Consortium, Mandiant, National Cyber-Forensics and Training Alliance, Neustar, Spamhaus, Team Cymru, Trend Micro, and the University of Alabama at Birmingham.

The group was created specifically to deal with this DNS Changer malware, and with a few mouse clicks, users can determine if their machine is infected and find out how to fix it.

The malware secretly altered the settings on infected computers, enabling the defendants to digitally hijack Internet searches and reroute computers to certain websites and advertisements, which entitled the defendants to be paid. The defendants subsequently received fees each time these websites or ads were clicked on or viewed by users.

The malware also prevented the installation of antivirus software and operating system updates on infected computers, leaving those computers and their users unable to detect or stop the defendants’ malware, and exposing them to attacks by other viruses.

Here are some examples of what the malware did from the FBI’s release:

When the user of an infected computer clicked on the domain name link for the official website of Apple-iTunes, the user was instead taken to a Web site for a business unaffiliated with Apple Inc. that purported to sell Apple software.
When the user of an infected computer clicked on a domain name link for Netflix, the user was instead taken to a Web site for an unrelated business called “BudgetMatch.”
According to the article in the Times, most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.

Leave a Reply

Comments are closed on this post.