Malware Monday: What to do if your computer's disconnected
Published Sunday, July 8, 2012 11:52AM EDT
Last Updated Monday, July 9, 2012 9:44AM EDT
For the thousands of Canadians and others worldwide unable to access the Internet from their malware-infected personal computers, there's a simple fix.
Computer-users with infected machines are likely finding their Internet browsers coming up empty Monday, after the U.S. Federal Bureau of Investigation shut down the temporary servers that had been providing them with a lifeline to the web.
Before the servers were shut down just after midnight ET Monday morning, Canadians could visit the "Canadians Connected" website to check whether their system hosted the culprit "DNSChanger" malware.
For those who missed the deadline, there's no need to panic as a simple fix is available.
It's recommended you make a backup of the important files on the affected computer, and ensure the DNS settings that determine how the computer links to the web are accurate.
Then you'll need to find another computer with a still-active connection to the Internet. Once logged on, download one of the freely available diagnostic and repair software programs found on the DNS Changer Working Group's (DCWG) webpage.
Transfer the downloaded program, by USB memory stick for example, and run it on the infected computer.
Depending how far you have to go to find an unaffected computer, the process could take less than 10 minutes.
Whether or not your computer was hosting the malware, experts say this episode offers a warning.
"Anti-virus just doesn't cut it anymore. You need to have the anti-virus program and the malware protection program," computer technician Tino Klironomos told CTV News.
Better yet, web surfers should understand the Internet isn’t always a safe place to play, research or post material.
“The Internet is a global neighbourhood and there’s lots of bad parts of that neighbouhood,” Canadian Internet Registration Authority’s Byron Holland said in.
“So, just like you’re driving in your car, you know, there’s parts of town you probably shouldn’t go.”
Computers worldwide were infected by the malware in an online advertising scam run by an Estonia-based criminal gang.
Although the malicious software probably slowed users' Internet access and disabled their antivirus software, they would have no way of knowing their computers were connecting to the Web through the criminals' servers.
“It’s kind of like the bad guys having taken out your phonebook out of your house and putting in a fake phonebook,” John Bullock, Dalhousie University’s data security head, told CTV News.
“So when you think you’re calling whoever you think you’re calling, you’re actually calling someone else.”
When the FBI moved to shut down the crime ring in November 2011, they discovered that flicking the switch could disconnect millions of computers. That's when they hired a private company to set up the temporary fix.
FBI officials estimate approximately 250,000 computers were still infected with the malware Monday.
With files from CTV News Atlantic Bureau Chief Todd Battis