Planning on using the Internet Monday? You might
want to join the thousands of people who are checking their computers to make
sure they won't lose connection.
The FBI's temporary
Internet servers will go dark Monday, leaving thousands of unsuspecting
malware-infected individuals without online access.
What temporary
Internet servers, you ask? They might have been connecting you to Facebook,
YouTube, and -- ahem! -- ABCNews.com for the last month, and you didn't even
know it. Really.
It started in 2007,
when a group of hackers -- six Estonians and one Russian -- allegedly started
masquerading as Internet advertisers who were paid by the click, according to
an 2011 indictment from the U.S. Attorney General's
Office in the Southern District of New York. In other words, if an ad got more
clicks, they pocketed more cash.
So they figured out
a way to beat the system, according to the indictment. They created a piece of
malware, called DNS Changer, that tampered with the DNS -- the thing that takes
a website address and finds the numerical IP address to connect you to that
website -- redirecting millions of Internet users to sites they didn't search
for.
For instance, if your computer was infected and you
clicked a link to go to Netflix, you would wind up at "BudgetMatch,"
according to the FBI. The practice is called "click hijacking."
Once the FBI got
around to fixing the problem in 2011, it realized it couldn't simply shut down
the rogue servers because infected computers would be left without a
functioning DNS, leaving them virtually Internet-less. So it set up temporary
servers to give malware-infected Internet users time to fix their computers.
And time runs out on
Monday, July 9.
(There isn't a
planned attack this Monday that will shut down the Internet; those whose
computers are already infected will lose the Band-Aid the FBI put on the
problem more than a year ago.)
Who Is Affected?
Initially, there
were more than 4 million infected computers in 100 countries, including 500,000
in the United States, according to the indictment.
As of July 4, there
were only about 46,000 in the United States, FBI spokeswoman Jenny Shearer told
ABCNews.com today. (That's out of nearly 300,000 worldwide.)
PCs and Apple Macs
have been infected. Routers and iPads were hit, too.
As of June, the
United States had more infected computers than any other country, according to data from the DNS Changer Working Group, or
DCWG, a group working on cleanup resulting from the malware.
How Do I Know if My Computer Is Infected?
You can check to see
whether your computer is infected by clicking
on this link, which is run by DCWG.
If the page is
green, you're in the clear. If it's red, your computer is infected.
On Thursday the site
got 2 million hits, but very few of those computers were infected, DCWG
volunteer Barry Greene told ABCNews.com.
Google and Facebook
say they have also set up notifications for infected users. If you type in a
search term and see a message that says, "Your computer appears to be
infected" at the top of your screen, guess what. Your computer is
infected.
Comcast, AT&T
and Verizon are among the other organizations notifying customers if they have
infected machines.
Important: According to DCWG, you should not need to scan, make changes
or download anything to tell whether your computer is infected.
The good news is DCWG has put together a page of trusted tools and a
step-by-step guide for how to fix your computer.
The bad news is it can take a day or two actually to
fix the problem, Greene told ABCNews.com. That's because the malware is in a
deep section of the hard drive called the "boot sector."
"The malware problem out there is nasty, and it's impacted
society on multiple levels," Greene said. "It's extremely hard to get
rid of. In most companies, if they get infected with it, they throw away the
hard drive."
If you can't do that, follow the instructions. They
include backing up your files and reinstalling your operating system.
What Do I Do if I Lose Internet on Monday?
The FBI and DCWG recommend contacting your Internet service
provider. They'll be able to give you instructions on what to do next.
Source : abc News