Malware Monday looms, but can be averted

 

Tens of thousands of computers are still infected with a virus known as the DNSChanger Malware, and risk losing Internet access Monday without taking the appropriate steps.

abeasley@miamiherald.com

Computer geeks and federal agents have a warning for the public this weekend: Don’t wake up Monday with a case of the Malware Blues.

Upward of 60,000 American laptops and desktops late this week were still infected with the notorious DNSChanger Malware — a computer virus that debuted five years ago. And unless those impacted take the necessary steps, the FBI warns, they will be without Internet access come Monday morning.

Shortly after midnight Monday morning, the feds will switch off the temporary servers they had set up to let those affected by the bug safely use the Internet. The pending blackout has been ominously named Malware Monday.

But while a morning without the Web would surely be an inconvenience for those affected, this latest media frenzy might be a bit overblown, says Steven Luis of Florida International University’s school of computing and information sciences.

“This is not a Y2K moment,” Luis said. “You’ll still get paid. The [Mayans] are not involved.”

For starters, the odds that your computer is infected are tiny. Roughly seven of every 10 American households reported having Internet access in 2009 — the latest estimate available — in a nation of more than 300 million people.

And while roughly a half-million computers in the United States were at one time infected by the virus, nearly 90 percent of those cases have been fixed with updated antivirus software.

So what exactly is the DNSChanger Malware?

Malware is the generic term for destructive entities such as viruses and worms that alter the way computers work. This particular virus, hatched by six Estonian nationals to manipulate the Internet advertising industry, has affected roughly four million computers in more than 100 countries — including individuals, businesses, and government agencies such as NASA.

The malware targeted a computer’s Domain Name System — the Internet service that converts URLs like Yahoo.com into numerical addresses that computers use to communicate. The cyber criminals would redirect Web surfers away from the sites they want, and on to fake or doctored pages. The scam generated up to $14 million in illegal fees.

Last November, the FBI announced the arrest of the virus’ creators, capping a two-year investigation dubbed Operation Ghost Click. While DNSChanger’s architects — part of the Rove Digital criminal enterprise — have been locked up, their disease has remained a scourge for many. The FBI gained temporary authorization to deploy clean DNS servers, allowing infected machines to still access the Internet. But that stop-gap measure ends Monday morning. Computers still with the bug will get nothing but error pages when they pull up a browser.

Thomas Grasso, a supervisory special agent in the FBI’s cyber division, said on the agency’s website that he hopes the public will “follow our recommendations to: one, determine if they’re affected by this; and then two, fix the problem.”

To help you do so, the feds and security experts from Georgia Tech have established a detection and repair website: http://www.dcwg.org/.

Simply by clicking on a link on the site’s homepage, visitors can run a self-diagnostic test on their machine. As late as Friday afternoon, company IT chiefs were alerting employees to run the test on company equipment.

Those whose machines test positive for DNSChanger are urged to buy an antivirus program such as McAfee Stinger or Norton Power Eraser, which should cure the cyber illness. Home routers might also be affected; those that are will need to be reset, Luis said.

And for certain, it’s much easier — and cheaper — to fix the problem in advance than to deal with it Monday, Luis said. If you’re stuck Monday, you’re urged to call your service providers for help.

“My best advice would be to take a moment this weekend and take care of it,” he added. “The good news is, we’ve had months to prepare for this. It’s like comparing a tornado to a hurricane. But the time is now.”

Read more Top Stories stories from the Miami Herald

Miami Herald

Join the
Discussion

The Miami Herald is pleased to provide this opportunity to share information, experiences and observations about what's in the news. Some of the comments may be reprinted elsewhere on the site or in the newspaper. We encourage lively, open debate on the issues of the day, and ask that you refrain from profanity, hate speech, personal comments and remarks that are off point. Thank you for taking the time to offer your thoughts.

The Miami Herald uses Facebook's commenting system. You need to log in with a Facebook account in order to comment. If you have questions about commenting with your Facebook account, click here.

Have a news tip? You can send it anonymously. Click here to send us your tip - or - consider joining the Public Insight Network and become a source for The Miami Herald and el Nuevo Herald.

Hide Comments

This affects comments on all stories.

Cancel OK

  • Marketplace

Today's Circulars

  • Quick Job Search

Enter Keyword(s) Enter City Select a State Select a Category